Sharepoint Server@* Security Vulnerabilities and Issues — Page 5 of Sharepoint Server@* CVE List

Lucene search

MicrosoftSharepoint Server*

249 matches found

CVE•added 2019/01/08 9:29 p.m.•77 views

CVE-2019-0562

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoin...

5.4CVSS6.2AI score0.00495EPSS

CVE•added 2019/05/16 7:29 p.m.•77 views

CVE-2019-0950

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-0949, CVE-2019-0951.

5.7CVSS5.4AI score0.07161EPSS

CVE•added 2020/05/21 11:15 p.m.•77 views

CVE-2020-1105

5.4CVSS5.4AI score0.00675EPSS

CVE•added 2021/12/15 3:15 p.m.•77 views

CVE-2021-43242

Microsoft SharePoint Server Spoofing Vulnerability

7.6CVSS6.4AI score0.00826EPSS

CVE•added 2018/11/14 1:29 a.m.•76 views

CVE-2018-8568

5.4CVSS6.3AI score0.00427EPSS

CVE•added 2019/10/10 2:15 p.m.•76 views

CVE-2019-1330

An elevation of privilege vulnerability exists in Microsoft SharePoint, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1329.

6.5CVSS5.8AI score0.12558EPSS

CVE•added 2019/05/16 7:29 p.m.•75 views

CVE-2019-0952

A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls, aka 'Microsoft SharePoint Server Remote Code Execution Vulnerability'.

8.8CVSS8.9AI score0.37197EPSS

CVE•added 2019/10/10 2:15 p.m.•75 views

CVE-2019-1329

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1330.

5.4CVSS5.9AI score0.12558EPSS

CVE•added 2020/06/09 8:15 p.m.•75 views

CVE-2020-1318

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177, CVE-2020-1183, CVE-2020-1297...

5.4CVSS5.1AI score0.00773EPSS

CVE•added 2024/09/10 5:15 p.m.•75 views

CVE-2024-43464

Microsoft SharePoint Server Remote Code Execution Vulnerability

7.2CVSS7.8AI score0.66597EPSS

CVE•added 2025/01/14 6:16 p.m.•75 views

CVE-2025-21393

Microsoft SharePoint Server Spoofing Vulnerability

6.3CVSS6.2AI score0.00103EPSS

CVE•added 2018/09/13 12:29 a.m.•74 views

CVE-2018-8431

5.4CVSS5.6AI score0.00427EPSS

CVE•added 2020/06/09 8:15 p.m.•74 views

CVE-2020-1295

An elevation of privilege vulnerability exists in Microsoft SharePoint, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'.

8.8CVSS8.2AI score0.09864EPSS

CVE•added 2019/05/16 7:29 p.m.•73 views

CVE-2019-0956

An information disclosure vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Server Information Disclosure Vulnerability'.

6.5CVSS6.2AI score0.10949EPSS

CVE•added 2021/12/15 3:15 p.m.•73 views

CVE-2021-42294

Microsoft SharePoint Server Remote Code Execution Vulnerability

7.2CVSS7.8AI score0.00685EPSS

CVE•added 2025/04/08 6:16 p.m.•71 views

CVE-2025-27746

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

7.8CVSS7.8AI score0.00079EPSS

CVE•added 2018/10/10 1:29 p.m.•70 views

CVE-2018-8504

A remote code execution vulnerability exists in Microsoft Word software when the software fails to properly handle objects in Protected View, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Microsoft SharePoint Server, Office 365 ProPlus, Microsoft Office, Microsoft Word.

9.3CVSS8.8AI score0.17486EPSS

CVE•added 2021/12/29 11:15 p.m.•70 views

CVE-2021-43876

Microsoft SharePoint Elevation of Privilege Vulnerability

8.8CVSS8.6AI score0.0101EPSS

CVE•added 2022/10/11 7:15 p.m.•70 views

CVE-2022-41037

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.06087EPSS

CVE•added 2018/11/14 1:29 a.m.•69 views

CVE-2018-8572

5.4CVSS6.3AI score0.00427EPSS

CVE•added 2018/12/12 12:29 a.m.•68 views

CVE-2018-8635

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted authentication request to an affected SharePoint server, aka "Microsoft SharePoint Server Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, M...

8.8CVSS4.9AI score0.12974EPSS

CVE•added 2022/10/11 7:15 p.m.•68 views

CVE-2022-41036

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.06087EPSS

CVE•added 2024/09/10 5:15 p.m.•67 views

CVE-2024-38227

Microsoft SharePoint Server Remote Code Execution Vulnerability

7.2CVSS7.8AI score0.01843EPSS

CVE•added 2024/09/10 5:15 p.m.•67 views

CVE-2024-38228

Microsoft SharePoint Server Remote Code Execution Vulnerability

7.2CVSS7.8AI score0.01843EPSS

CVE•added 2024/12/12 2:4 a.m.•67 views

CVE-2024-49070

Microsoft SharePoint Remote Code Execution Vulnerability

7.4CVSS7.6AI score0.00143EPSS

CVE•added 2018/05/09 7:29 p.m.•66 views

CVE-2018-8168

5.4CVSS5.5AI score0.00473EPSS

CVE•added 2024/09/10 5:15 p.m.•66 views

CVE-2024-43466

Microsoft SharePoint Server Denial of Service Vulnerability

7.5CVSS7.2AI score0.12381EPSS

CVE•added 2024/12/12 2:4 a.m.•65 views

CVE-2024-49068

Microsoft SharePoint Elevation of Privilege Vulnerability

8.2CVSS8.1AI score0.0226EPSS

CVE•added 2018/05/09 7:29 p.m.•64 views

CVE-2018-8149

5.4CVSS5.5AI score0.00473EPSS

CVE•added 2024/10/08 6:15 p.m.•64 views

CVE-2024-43503

Microsoft SharePoint Elevation of Privilege Vulnerability

7.8CVSS7.6AI score0.00701EPSS

CVE•added 2025/07/08 5:15 p.m.•64 views

CVE-2025-49704

Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

8.8CVSS6.9AI score0.14805EPSS

CVE•added 2021/12/15 3:15 p.m.•62 views

CVE-2021-42320

Microsoft SharePoint Server Spoofing Vulnerability

8CVSS6AI score0.00669EPSS

CVE•added 2025/06/10 5:23 p.m.•59 views

CVE-2025-47168

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

7.8CVSS8AI score0.00068EPSS

CVE•added 2018/04/12 1:29 a.m.•58 views

CVE-2018-1032

5.4CVSS5.5AI score0.00536EPSS

CVE•added 2025/07/08 5:15 p.m.•57 views

CVE-2025-49706

Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.

6.5CVSS7.5AI score0.00044EPSS

CVE•added 2024/12/12 2:4 a.m.•56 views

CVE-2024-49064

Microsoft SharePoint Information Disclosure Vulnerability

6.5CVSS6.1AI score0.00275EPSS

CVE•added 2010/02/26 7:30 p.m.•54 views

CVE-2010-0716

_layouts/Upload.aspx in the Documents module in Microsoft SharePoint before 2010 uses URLs with the same hostname and port number for a web site's primary files and individual users' uploaded files (aka attachments), which allows remote authenticated users to leverage same-origin relationships and ...

3.5CVSS5.5AI score0.1627EPSS

CVE•added 2025/05/13 5:16 p.m.•54 views

CVE-2025-30378

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.

7CVSS7.4AI score0.00162EPSS

CVE•added 2025/06/10 5:23 p.m.•54 views

CVE-2025-47172

Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

8.8CVSS8.8AI score0.00174EPSS

CVE•added 2025/06/10 5:23 p.m.•53 views

CVE-2025-47163

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

8.8CVSS8.7AI score0.01629EPSS

CVE•added 2025/06/10 5:23 p.m.•52 views

CVE-2025-47169

Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.

7.8CVSS7.9AI score0.00068EPSS

CVE•added 2008/11/10 3:23 p.m.•51 views

CVE-2008-5026

Microsoft SharePoint uses URLs with the same hostname and port number for a web site's primary files and individual users' uploaded files (aka attachments), which allows remote authenticated users to leverage same-origin relationships and conduct cross-site scripting (XSS) attacks by uploading HTML...

3.5CVSS5.2AI score0.1627EPSS

CVE•added 2025/05/13 5:15 p.m.•51 views

CVE-2025-29976

Improper privilege management in Microsoft Office SharePoint allows an authorized attacker to elevate privileges locally.

7.8CVSS7.6AI score0.00061EPSS

CVE•added 2025/06/10 5:23 p.m.•48 views

CVE-2025-47166

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

8.8CVSS8.7AI score0.03546EPSS

CVE•added 2025/05/13 5:16 p.m.•45 views

CVE-2025-30382

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.

7.8CVSS7.7AI score0.00177EPSS

CVE•added 2025/05/13 5:16 p.m.•45 views

CVE-2025-30384

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.

7.4CVSS7.4AI score0.00385EPSS

CVE•added 5 days ago•36 views

CVE-2025-53771

Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.

6.5CVSS7.4AI score0.00127EPSS

CVE•added 2025/07/08 5:15 p.m.•20 views

CVE-2025-49701

Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

8.8CVSS6.8AI score0.00126EPSS

CVE•added 2025/07/08 5:15 p.m.•18 views

CVE-2025-49703

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

7.8CVSS7.3AI score0.00072EPSS

Total number of security vulnerabilities249