Sharepoint Server@* Security Vulnerabilities and Issues — Page 4 of Sharepoint Server@* CVE List

Lucene search

MicrosoftSharepoint Server*

249 matches found

CVE•added 2024/07/09 5:15 p.m.•93 views

CVE-2024-38024

Microsoft SharePoint Server Remote Code Execution Vulnerability

7.2CVSS7.3AI score0.68797EPSS

CVE•added 2019/05/16 7:29 p.m.•92 views

CVE-2019-0949

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-0950, CVE-2019-0951.

5.7CVSS5.4AI score0.07161EPSS

CVE•added 2020/06/09 8:15 p.m.•92 views

CVE-2020-1323

An open redirect vulnerability exists in Microsoft SharePoint that could lead to spoofing.To exploit the vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link, aka 'SharePoint Open Redirect Vulnerability'.

6.1CVSS6.5AI score0.01545EPSS

CVE•added 2022/10/11 7:15 p.m.•92 views

CVE-2022-38053

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.51084EPSS

CVE•added 2022/11/09 10:15 p.m.•92 views

CVE-2022-41062

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.02164EPSS

CVE•added 2019/01/08 9:29 p.m.•91 views

CVE-2019-0558

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint, Micros...

5.4CVSS5.1AI score0.00485EPSS

CVE•added 2019/11/12 7:15 p.m.•91 views

CVE-2019-1442

A security feature bypass vulnerability exists when Microsoft Office does not validate URLs.An attacker could send a victim a specially crafted file, which could trick the victim into entering credentials, aka 'Microsoft Office Security Feature Bypass Vulnerability'.

5.5CVSS5.9AI score0.07105EPSS

CVE•added 2020/05/21 11:15 p.m.•91 views

CVE-2020-1100

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1099, CVE-2020-1101, CVE-2020-1106...

5.4CVSS5.1AI score0.01851EPSS

CVE•added 2022/11/09 10:15 p.m.•91 views

CVE-2022-41060

Microsoft Word Information Disclosure Vulnerability

5.5CVSS6.1AI score0.00285EPSS

CVE•added 2019/10/10 2:15 p.m.•90 views

CVE-2019-1328

5.4CVSS5.8AI score0.00595EPSS

CVE•added 2020/05/21 11:15 p.m.•90 views

CVE-2020-1069

A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls, aka 'Microsoft SharePoint Server Remote Code Execution Vulnerability'.

8.8CVSS8.4AI score0.34532EPSS

CVE•added 2020/05/21 11:15 p.m.•90 views

CVE-2020-1103

An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks (a variant of cross-site request forgery, CSRF).When users are simultaneously logged in to Microsoft SharePoint Server and visit a mal...

6.5CVSS6.4AI score0.08862EPSS

CVE•added 2022/12/13 7:15 p.m.•90 views

CVE-2022-44693

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.04061EPSS

CVE•added 2020/02/11 10:15 p.m.•89 views

CVE-2020-0693

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0694.

5.4CVSS5.1AI score0.00923EPSS

CVE•added 2020/04/15 3:15 p.m.•89 views

CVE-2020-0933

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0924, CVE-2020-0925...

5.4CVSS5.2AI score0.01102EPSS

CVE•added 2020/02/11 10:15 p.m.•88 views

CVE-2020-0694

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0693.

5.4CVSS5.1AI score0.00923EPSS

CVE•added 2020/03/12 4:15 p.m.•88 views

CVE-2020-0891

This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server, aka 'Microsoft SharePoint R...

5.4CVSS5.3AI score0.00622EPSS

CVE•added 2020/04/15 3:15 p.m.•88 views

CVE-2020-0924

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0925, CVE-2020-0926...

5.4CVSS5.2AI score0.01102EPSS

CVE•added 2019/03/06 12:0 a.m.•87 views

CVE-2019-0668

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'.

8.8CVSS8.9AI score0.04047EPSS

CVE•added 2020/04/15 3:15 p.m.•86 views

CVE-2020-0977

5.4CVSS5.3AI score0.00612EPSS

CVE•added 2020/07/14 11:15 p.m.•86 views

CVE-2020-1454

5.4CVSS6.8AI score0.00607EPSS

CVE•added 2021/10/13 1:15 a.m.•86 views

CVE-2021-40484

Microsoft SharePoint Server Spoofing Vulnerability

7.6CVSS5.4AI score0.06439EPSS

CVE•added 2023/07/11 6:15 p.m.•86 views

CVE-2023-33159

Microsoft SharePoint Server Spoofing Vulnerability

8.8CVSS8.5AI score0.00238EPSS

CVE•added 2025/04/08 6:16 p.m.•86 views

CVE-2025-29820

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

7.8CVSS7.8AI score0.00079EPSS

CVE•added 2025/04/08 6:15 p.m.•85 views

CVE-2025-26642

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.

7.8CVSS7.4AI score0.001EPSS

CVE•added 2019/10/10 2:15 p.m.•84 views

CVE-2019-1070

5.4CVSS5.2AI score0.0125EPSS

CVE•added 2022/06/15 10:15 p.m.•84 views

CVE-2022-30159

Microsoft Office Information Disclosure Vulnerability

5.5CVSS5.7AI score0.02947EPSS

CVE•added 2018/11/14 1:29 a.m.•83 views

CVE-2018-8539

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Microsoft SharePoint Server, Microsoft Office. This CVE ID is unique from CVE-2018-8573.

9.3CVSS7.9AI score0.16422EPSS

CVE•added 2019/03/06 12:0 a.m.•83 views

CVE-2019-0670

A spoofing vulnerability exists in Microsoft SharePoint when the application does not properly parse HTTP content, aka 'Microsoft SharePoint Spoofing Vulnerability'.

6.1CVSS7.4AI score0.00506EPSS

CVE•added 2020/04/15 3:15 p.m.•83 views

CVE-2020-0925

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0924, CVE-2020-0926...

5.4CVSS5.2AI score0.01102EPSS

CVE•added 2020/04/15 3:15 p.m.•83 views

CVE-2020-0975

5.4CVSS5.3AI score0.00612EPSS

CVE•added 2020/05/21 11:15 p.m.•83 views

CVE-2020-1106

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1099, CVE-2020-1100, CVE-2020-1101...

6.1CVSS5.1AI score0.01851EPSS

CVE•added 2020/06/09 8:15 p.m.•83 views

CVE-2020-1298

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177, CVE-2020-1183, CVE-2020-1297...

5.4CVSS5.1AI score0.00773EPSS

CVE•added 2020/07/14 11:15 p.m.•83 views

CVE-2020-1451

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1450, CVE-2020-1456.

5.4CVSS5.1AI score0.00656EPSS

CVE•added 2022/09/13 7:15 p.m.•83 views

CVE-2022-38009

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.04734EPSS

CVE•added 2019/09/11 10:15 p.m.•82 views

CVE-2019-1296

A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1257, CVE-2019-1295.

8.8CVSS8.8AI score0.38462EPSS

CVE•added 2019/11/12 7:15 p.m.•82 views

CVE-2019-1443

An information disclosure vulnerability exists in Microsoft SharePoint when an attacker uploads a specially crafted file to the SharePoint Server.An authenticated attacker who successfully exploited this vulnerability could potentially leverage SharePoint functionality to obtain SMB hashes.The secu...

6.5CVSS5.8AI score0.15084EPSS

CVE•added 2020/06/09 8:15 p.m.•82 views

CVE-2020-1183

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177, CVE-2020-1297, CVE-2020-1298...

5.4CVSS5.1AI score0.00773EPSS

CVE•added 2019/09/11 10:15 p.m.•81 views

CVE-2019-1257

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1295, CVE-2019-1296.

8.8CVSS8.8AI score0.38462EPSS

CVE•added 2020/04/15 3:15 p.m.•81 views

CVE-2020-0972

5.4CVSS5.3AI score0.00612EPSS

CVE•added 2020/05/21 11:15 p.m.•81 views

CVE-2020-1024

8.8CVSS8.3AI score0.46247EPSS

CVE•added 2019/04/09 9:29 p.m.•80 views

CVE-2019-0830

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2019-0831.

5.4CVSS5AI score0.00578EPSS

CVE•added 2019/07/29 2:13 p.m.•80 views

CVE-2019-1134

5.4CVSS5.7AI score0.00578EPSS

CVE•added 2020/05/21 11:15 p.m.•80 views

CVE-2020-1101

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1099, CVE-2020-1100, CVE-2020-1106...

5.4CVSS5.1AI score0.01851EPSS

CVE•added 2020/07/14 11:15 p.m.•80 views

CVE-2020-1443

5.4CVSS6.9AI score0.01514EPSS

CVE•added 2022/09/13 7:15 p.m.•79 views

CVE-2022-38008

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.04734EPSS

CVE•added 2024/12/12 2:4 a.m.•79 views

CVE-2024-49065

Microsoft Office Remote Code Execution Vulnerability

5.5CVSS5.9AI score0.00187EPSS