Lucene search

K
MicrosoftSharepoint Server*

249 matches found

CVE
CVE
added 2019/01/08 9:29 p.m.77 views

CVE-2019-0562

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoin...

5.4CVSS6.2AI score0.00495EPSS
CVE
CVE
added 2019/05/16 7:29 p.m.77 views

CVE-2019-0950

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-0949, CVE-2019-0951.

5.7CVSS5.4AI score0.07161EPSS
CVE
CVE
added 2020/05/21 11:15 p.m.77 views

CVE-2020-1105

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-1104, CVE-2020-1107.

5.4CVSS5.4AI score0.00675EPSS
CVE
CVE
added 2021/12/15 3:15 p.m.77 views

CVE-2021-43242

Microsoft SharePoint Server Spoofing Vulnerability

7.6CVSS6.4AI score0.00826EPSS
CVE
CVE
added 2018/11/14 1:29 a.m.76 views

CVE-2018-8568

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoin...

5.4CVSS6.3AI score0.00427EPSS
CVE
CVE
added 2019/10/10 2:15 p.m.76 views

CVE-2019-1330

An elevation of privilege vulnerability exists in Microsoft SharePoint, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1329.

6.5CVSS5.8AI score0.12558EPSS
CVE
CVE
added 2019/05/16 7:29 p.m.75 views

CVE-2019-0952

A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls, aka 'Microsoft SharePoint Server Remote Code Execution Vulnerability'.

8.8CVSS8.9AI score0.37197EPSS
CVE
CVE
added 2019/10/10 2:15 p.m.75 views

CVE-2019-1329

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1330.

5.4CVSS5.9AI score0.12558EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.75 views

CVE-2020-1318

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177, CVE-2020-1183, CVE-2020-1297...

5.4CVSS5.1AI score0.00773EPSS
CVE
CVE
added 2024/09/10 5:15 p.m.75 views

CVE-2024-43464

Microsoft SharePoint Server Remote Code Execution Vulnerability

7.2CVSS7.8AI score0.66597EPSS
CVE
CVE
added 2025/01/14 6:16 p.m.75 views

CVE-2025-21393

Microsoft SharePoint Server Spoofing Vulnerability

6.3CVSS6.2AI score0.00103EPSS
CVE
CVE
added 2018/09/13 12:29 a.m.74 views

CVE-2018-8431

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoin...

5.4CVSS5.6AI score0.00427EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.74 views

CVE-2020-1295

An elevation of privilege vulnerability exists in Microsoft SharePoint, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'.

8.8CVSS8.2AI score0.09864EPSS
CVE
CVE
added 2019/05/16 7:29 p.m.73 views

CVE-2019-0956

An information disclosure vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Server Information Disclosure Vulnerability'.

6.5CVSS6.2AI score0.10949EPSS
CVE
CVE
added 2021/12/15 3:15 p.m.73 views

CVE-2021-42294

Microsoft SharePoint Server Remote Code Execution Vulnerability

7.2CVSS7.8AI score0.00685EPSS
CVE
CVE
added 2025/04/08 6:16 p.m.71 views

CVE-2025-27746

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

7.8CVSS7.8AI score0.00079EPSS
CVE
CVE
added 2018/10/10 1:29 p.m.70 views

CVE-2018-8504

A remote code execution vulnerability exists in Microsoft Word software when the software fails to properly handle objects in Protected View, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Microsoft SharePoint Server, Office 365 ProPlus, Microsoft Office, Microsoft Word.

9.3CVSS8.8AI score0.17486EPSS
CVE
CVE
added 2021/12/29 11:15 p.m.70 views

CVE-2021-43876

Microsoft SharePoint Elevation of Privilege Vulnerability

8.8CVSS8.6AI score0.0101EPSS
CVE
CVE
added 2022/10/11 7:15 p.m.70 views

CVE-2022-41037

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.06087EPSS
CVE
CVE
added 2018/11/14 1:29 a.m.69 views

CVE-2018-8572

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoin...

5.4CVSS6.3AI score0.00427EPSS
CVE
CVE
added 2018/12/12 12:29 a.m.68 views

CVE-2018-8635

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted authentication request to an affected SharePoint server, aka "Microsoft SharePoint Server Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, M...

8.8CVSS4.9AI score0.12974EPSS
CVE
CVE
added 2022/10/11 7:15 p.m.68 views

CVE-2022-41036

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.06087EPSS
CVE
CVE
added 2024/09/10 5:15 p.m.67 views

CVE-2024-38227

Microsoft SharePoint Server Remote Code Execution Vulnerability

7.2CVSS7.8AI score0.01843EPSS
CVE
CVE
added 2024/09/10 5:15 p.m.67 views

CVE-2024-38228

Microsoft SharePoint Server Remote Code Execution Vulnerability

7.2CVSS7.8AI score0.01843EPSS
CVE
CVE
added 2024/12/12 2:4 a.m.67 views

CVE-2024-49070

Microsoft SharePoint Remote Code Execution Vulnerability

7.4CVSS7.6AI score0.00143EPSS
CVE
CVE
added 2018/05/09 7:29 p.m.66 views

CVE-2018-8168

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoin...

5.4CVSS5.5AI score0.00473EPSS
CVE
CVE
added 2024/09/10 5:15 p.m.66 views

CVE-2024-43466

Microsoft SharePoint Server Denial of Service Vulnerability

7.5CVSS7.2AI score0.12381EPSS
CVE
CVE
added 2024/12/12 2:4 a.m.65 views

CVE-2024-49068

Microsoft SharePoint Elevation of Privilege Vulnerability

8.2CVSS8.1AI score0.0226EPSS
CVE
CVE
added 2018/05/09 7:29 p.m.64 views

CVE-2018-8149

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoin...

5.4CVSS5.5AI score0.00473EPSS
CVE
CVE
added 2024/10/08 6:15 p.m.64 views

CVE-2024-43503

Microsoft SharePoint Elevation of Privilege Vulnerability

7.8CVSS7.6AI score0.00701EPSS
CVE
CVE
added 2021/12/15 3:15 p.m.62 views

CVE-2021-42320

Microsoft SharePoint Server Spoofing Vulnerability

8CVSS6AI score0.00669EPSS
CVE
CVE
added 2025/06/10 5:23 p.m.59 views

CVE-2025-47168

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

7.8CVSS8AI score0.00068EPSS
CVE
CVE
added 2018/04/12 1:29 a.m.58 views

CVE-2018-1032

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoin...

5.4CVSS5.5AI score0.00536EPSS
CVE
CVE
added 2024/12/12 2:4 a.m.56 views

CVE-2024-49064

Microsoft SharePoint Information Disclosure Vulnerability

6.5CVSS6.1AI score0.00275EPSS
CVE
CVE
added 2010/02/26 7:30 p.m.54 views

CVE-2010-0716

_layouts/Upload.aspx in the Documents module in Microsoft SharePoint before 2010 uses URLs with the same hostname and port number for a web site's primary files and individual users' uploaded files (aka attachments), which allows remote authenticated users to leverage same-origin relationships and ...

3.5CVSS5.5AI score0.1627EPSS
CVE
CVE
added 2025/05/13 5:16 p.m.54 views

CVE-2025-30378

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.

7CVSS7.4AI score0.00162EPSS
CVE
CVE
added 2025/06/10 5:23 p.m.54 views

CVE-2025-47172

Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

8.8CVSS8.8AI score0.00174EPSS
CVE
CVE
added 2025/06/10 5:23 p.m.53 views

CVE-2025-47163

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

8.8CVSS8.7AI score0.01629EPSS
CVE
CVE
added 2025/06/10 5:23 p.m.52 views

CVE-2025-47169

Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.

7.8CVSS7.9AI score0.00068EPSS
CVE
CVE
added 2008/11/10 3:23 p.m.51 views

CVE-2008-5026

Microsoft SharePoint uses URLs with the same hostname and port number for a web site's primary files and individual users' uploaded files (aka attachments), which allows remote authenticated users to leverage same-origin relationships and conduct cross-site scripting (XSS) attacks by uploading HTML...

3.5CVSS5.2AI score0.1627EPSS
CVE
CVE
added 2025/05/13 5:15 p.m.51 views

CVE-2025-29976

Improper privilege management in Microsoft Office SharePoint allows an authorized attacker to elevate privileges locally.

7.8CVSS7.6AI score0.00061EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.49 views

CVE-2025-49704

Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

8.8CVSS6.9AI score0.00296EPSS
CVE
CVE
added 2025/06/10 5:23 p.m.48 views

CVE-2025-47166

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

8.8CVSS8.7AI score0.03546EPSS
CVE
CVE
added 2025/05/13 5:16 p.m.45 views

CVE-2025-30382

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.

7.8CVSS7.7AI score0.00177EPSS
CVE
CVE
added 2025/05/13 5:16 p.m.45 views

CVE-2025-30384

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.

7.4CVSS7.4AI score0.00385EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.43 views

CVE-2025-49706

Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.

6.5CVSS7.5AI score0.00044EPSS
CVE
CVE
added 3 days ago24 views

CVE-2025-53771

Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.

7.1CVSS7.4AI score0.00127EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.18 views

CVE-2025-49701

Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

8.8CVSS6.8AI score0.00126EPSS
CVE
CVE
added 2025/07/08 5:15 p.m.16 views

CVE-2025-49703

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

7.8CVSS7.3AI score0.00062EPSS
Total number of security vulnerabilities249