Sharepoint Server@* Security Vulnerabilities and Issues — Sharepoint Server@* CVE List

Lucene search

MicrosoftSharepoint Server*

25 matches found

CVE•added 2025/02/11 6:15 p.m.•252 views

CVE-2025-21400

Microsoft SharePoint Server Remote Code Execution Vulnerability

8CVSS8AI score0.00342EPSS

CVE•added 4 days ago•135 views

CVE-2025-53770

Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network.Microsoft is aware that an exploit for CVE-2025-53770 exists in the wild.Microsoft is preparing and fully testing a comprehensive update to address this vulner...

9.8CVSS6.8AI score0.0304EPSS

CVE•added 2025/04/08 6:16 p.m.•115 views

CVE-2025-27747

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

7.8CVSS7.8AI score0.00079EPSS

CVE•added 2025/04/08 6:16 p.m.•110 views

CVE-2025-29794

Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

8.8CVSS7.4AI score0.00216EPSS

CVE•added 2025/01/14 6:16 p.m.•107 views

CVE-2025-21348

Microsoft SharePoint Server Remote Code Execution Vulnerability

7.2CVSS7.2AI score0.01265EPSS

CVE•added 2025/01/14 6:16 p.m.•105 views

CVE-2025-21344

Microsoft SharePoint Server Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.00371EPSS

CVE•added 2025/04/08 6:16 p.m.•102 views

CVE-2025-29793

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

7.2CVSS7.4AI score0.02321EPSS

CVE•added 2025/04/08 6:16 p.m.•86 views

CVE-2025-29820

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

7.8CVSS7.8AI score0.00079EPSS

CVE•added 2025/04/08 6:15 p.m.•85 views

CVE-2025-26642

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.

7.8CVSS7.4AI score0.001EPSS

CVE•added 2025/01/14 6:16 p.m.•75 views

CVE-2025-21393

Microsoft SharePoint Server Spoofing Vulnerability

6.3CVSS6.2AI score0.00103EPSS

CVE•added 2025/04/08 6:16 p.m.•71 views

CVE-2025-27746

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

7.8CVSS7.8AI score0.00079EPSS

CVE•added 2025/06/10 5:23 p.m.•59 views

CVE-2025-47168

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

7.8CVSS8AI score0.00068EPSS

CVE•added 2025/05/13 5:16 p.m.•54 views

CVE-2025-30378

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.

7CVSS7.4AI score0.00162EPSS

CVE•added 2025/06/10 5:23 p.m.•54 views

CVE-2025-47172

Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

8.8CVSS8.8AI score0.00174EPSS

CVE•added 2025/07/08 5:15 p.m.•54 views

CVE-2025-49704

Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

8.8CVSS6.9AI score0.00296EPSS

CVE•added 2025/06/10 5:23 p.m.•53 views

CVE-2025-47163

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

8.8CVSS8.7AI score0.01629EPSS

CVE•added 2025/06/10 5:23 p.m.•52 views

CVE-2025-47169

Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.

7.8CVSS7.9AI score0.00068EPSS

CVE•added 2025/05/13 5:15 p.m.•51 views

CVE-2025-29976

Improper privilege management in Microsoft Office SharePoint allows an authorized attacker to elevate privileges locally.

7.8CVSS7.6AI score0.00061EPSS

CVE•added 2025/07/08 5:15 p.m.•50 views

CVE-2025-49706

Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.

6.5CVSS7.5AI score0.00044EPSS

CVE•added 2025/06/10 5:23 p.m.•48 views

CVE-2025-47166

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

8.8CVSS8.7AI score0.03546EPSS

CVE•added 2025/05/13 5:16 p.m.•45 views

CVE-2025-30382

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.

7.8CVSS7.7AI score0.00177EPSS

CVE•added 2025/05/13 5:16 p.m.•45 views

CVE-2025-30384

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.

7.4CVSS7.4AI score0.00385EPSS

CVE•added 4 days ago•30 views

CVE-2025-53771

Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.

6.5CVSS7.4AI score0.00127EPSS

CVE•added 2025/07/08 5:15 p.m.•19 views

CVE-2025-49701

Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

8.8CVSS6.8AI score0.00126EPSS

CVE•added 2025/07/08 5:15 p.m.•17 views

CVE-2025-49703

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

7.8CVSS7.3AI score0.00062EPSS