Sharepoint Server@2019 Security Vulnerabilities and Issues — Page 6 of Sharepoint Server@2019 CVE List

Lucene search

MicrosoftSharepoint Server2019

283 matches found

CVE•added 2021/12/15 3:15 p.m.•77 views

CVE-2021-43242

Microsoft SharePoint Server Spoofing Vulnerability

7.6CVSS6.4AI score0.00826EPSS

CVE•added 2018/11/14 1:29 a.m.•76 views

CVE-2018-8568

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoin...

5.4CVSS6.3AI score0.00427EPSS

CVE•added 2019/06/12 2:29 p.m.•76 views

CVE-2019-1033

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint ...

5.4CVSS5.1AI score0.00528EPSS

CVE•added 2020/06/09 8:15 p.m.•75 views

CVE-2020-1318

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177, CVE-2020-1183, CVE-2020-1297...

5.4CVSS5.1AI score0.00773EPSS

CVE•added 2024/09/10 5:15 p.m.•75 views

CVE-2024-43464

Microsoft SharePoint Server Remote Code Execution Vulnerability

7.2CVSS7.8AI score0.66597EPSS

CVE•added 2025/01/14 6:16 p.m.•75 views

CVE-2025-21393

Microsoft SharePoint Server Spoofing Vulnerability

6.3CVSS6.2AI score0.00103EPSS

CVE•added 2020/06/09 8:15 p.m.•74 views

CVE-2020-1295

An elevation of privilege vulnerability exists in Microsoft SharePoint, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'.

8.8CVSS8.2AI score0.09864EPSS

CVE•added 2021/12/15 3:15 p.m.•73 views

CVE-2021-42294

Microsoft SharePoint Server Remote Code Execution Vulnerability

7.2CVSS7.8AI score0.00685EPSS

CVE•added 2021/12/29 11:15 p.m.•70 views

CVE-2021-43876

Microsoft SharePoint Elevation of Privilege Vulnerability

8.8CVSS8.6AI score0.0101EPSS

CVE•added 2022/10/11 7:15 p.m.•70 views

CVE-2022-41037

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.06087EPSS

CVE•added 2018/11/14 1:29 a.m.•69 views

CVE-2018-8572

5.4CVSS6.3AI score0.00427EPSS

CVE•added 2022/10/11 7:15 p.m.•68 views

CVE-2022-41036

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.06087EPSS

CVE•added 2024/09/10 5:15 p.m.•67 views

CVE-2024-38227

Microsoft SharePoint Server Remote Code Execution Vulnerability

7.2CVSS7.8AI score0.01843EPSS

CVE•added 2024/09/10 5:15 p.m.•67 views

CVE-2024-38228

Microsoft SharePoint Server Remote Code Execution Vulnerability

7.2CVSS7.8AI score0.01843EPSS

CVE•added 2024/12/12 2:4 a.m.•67 views

CVE-2024-49070

Microsoft SharePoint Remote Code Execution Vulnerability

7.4CVSS7.6AI score0.00143EPSS

CVE•added 2024/09/10 5:15 p.m.•66 views

CVE-2024-43466

Microsoft SharePoint Server Denial of Service Vulnerability

7.5CVSS7.2AI score0.12381EPSS

CVE•added 2024/12/12 2:4 a.m.•65 views

CVE-2024-49068

Microsoft SharePoint Elevation of Privilege Vulnerability

8.2CVSS8.1AI score0.0226EPSS

CVE•added 2024/10/08 6:15 p.m.•64 views

CVE-2024-43503

Microsoft SharePoint Elevation of Privilege Vulnerability

7.8CVSS7.6AI score0.00701EPSS

CVE•added 2021/12/15 3:15 p.m.•62 views

CVE-2021-42320

Microsoft SharePoint Server Spoofing Vulnerability

8CVSS6AI score0.00669EPSS

CVE•added 2025/06/10 5:23 p.m.•59 views

CVE-2025-47168

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

7.8CVSS8AI score0.00068EPSS

CVE•added 2024/12/12 2:4 a.m.•56 views

CVE-2024-49064

Microsoft SharePoint Information Disclosure Vulnerability

6.5CVSS6.1AI score0.00275EPSS

CVE•added 2025/05/13 5:16 p.m.•54 views

CVE-2025-30378

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.

7CVSS7.4AI score0.00162EPSS

CVE•added 2025/06/10 5:23 p.m.•54 views

CVE-2025-47172

Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

8.8CVSS8.8AI score0.00174EPSS

CVE•added 2025/06/10 5:23 p.m.•53 views

CVE-2025-47163

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

8.8CVSS8.7AI score0.01629EPSS

CVE•added 2025/06/10 5:23 p.m.•52 views

CVE-2025-47169

Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.

7.8CVSS7.9AI score0.00068EPSS

CVE•added 2025/05/13 5:15 p.m.•51 views

CVE-2025-29976

Improper privilege management in Microsoft Office SharePoint allows an authorized attacker to elevate privileges locally.

7.8CVSS7.6AI score0.00061EPSS

CVE•added 2025/06/10 5:23 p.m.•48 views

CVE-2025-47166

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

8.8CVSS8.7AI score0.03546EPSS

CVE•added 2025/05/13 5:16 p.m.•45 views

CVE-2025-30382

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.

7.8CVSS7.7AI score0.00177EPSS

CVE•added 2025/05/13 5:16 p.m.•45 views

CVE-2025-30384

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.

7.4CVSS7.4AI score0.00385EPSS

CVE•added 2025/07/08 5:15 p.m.•43 views

CVE-2025-49704

Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

8.8CVSS6.9AI score0.00296EPSS

CVE•added 2025/07/08 5:15 p.m.•38 views

CVE-2025-49706

Improper authentication in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

7.1CVSS6.6AI score0.001EPSS

CVE•added 2025/07/08 5:15 p.m.•17 views

CVE-2025-49701

Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

8.8CVSS6.8AI score0.00126EPSS

CVE•added 2025/07/08 5:15 p.m.•15 views

CVE-2025-49703

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.