Sharepoint Server
by Microsoft
CVEs (575)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-6038 | 0.03 | — | 0.36 | Nov 11, 2015 | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3, 2010 SP2, and 2013 SP1 allow remote attackers to… | |||
| CVE-2013-0085 | 0.03 | — | 0.34 | Mar 13, 2013 | Buffer overflow in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to cause a denial of service (W3WP process crash and site outage) via a crafted URL, aka "Buffer Overflow Vulnerability." | |||
| CVE-2013-0007 | 0.03 | — | 0.32 | Jan 9, 2013 | Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML XSLT Vulnerability." | |||
| CVE-2009-1134 | 0.03 | — | 0.36 | Jun 10, 2009 | Excel in 2007 Microsoft Office System SP1 and SP2; Microsoft Office Excel Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a BIFF file with a malformed Qsir (0x806)… | |||
| CVE-2009-0561 | 0.03 | — | 0.37 | Jun 10, 2009 | Integer overflow in Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel… | |||
| CVE-2008-4019 | 0.03 | — | 0.34 | Oct 15, 2008 | Integer overflow in the REPT function in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 SP3; Office Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office SharePoint… | |||
| CVE-2008-3006 | 0.03 | — | 0.36 | Aug 12, 2008 | Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 Gold and SP3; Office Excel Viewer; Office Compatibility Pack 2007 Gold and SP1; Office SharePoint Server 2007 Gold and SP1; and Office 2004 and 2008 for Mac do not… | |||
| CVE-2023-24950 | 0.02 | — | 0.67 | May 9, 2023 | Microsoft SharePoint Server Spoofing Vulnerability | |||
| CVE-2022-44690 | 0.02 | — | 0.82 | Dec 13, 2022 | Microsoft SharePoint Server Remote Code Execution Vulnerability | |||
| CVE-2022-38053 | 0.02 | — | 0.76 | Oct 11, 2022 | Microsoft SharePoint Server Remote Code Execution Vulnerability | |||
| CVE-2020-16953 | 0.02 | — | 0.04 | Oct 16, 2020 | An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit the… | |||
| CVE-2020-16950 | 0.02 | — | 0.04 | Oct 16, 2020 | An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit the… | |||
| CVE-2020-16948 | 0.02 | — | 0.04 | Oct 16, 2020 | An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit the… | |||
| CVE-2020-1224 | 0.02 | — | 0.04 | Sep 11, 2020 | An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an… | |||
| CVE-2020-1583 | 0.02 | — | 0.05 | Aug 17, 2020 | An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an attacker could… | |||
| CVE-2020-1503 | 0.02 | — | 0.05 | Aug 17, 2020 | An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an attacker could… | |||
| CVE-2020-1502 | 0.02 | — | 0.05 | Aug 17, 2020 | An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an attacker could… | |||
| CVE-2020-1445 | 0.02 | — | 0.06 | Jul 14, 2020 | An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1342. | |||
| CVE-2020-1439 | 0.02 | — | 0.20 | Jul 14, 2020 | A remote code execution vulnerability exists in PerformancePoint Services for SharePoint Server when the software fails to check the source markup of XML file input, aka 'PerformancePoint Services Remote Code Execution Vulnerability'. | |||
| CVE-2020-1342 | 0.02 | — | 0.06 | Jul 14, 2020 | An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from… |
- CVE-2015-6038Nov 11, 2015risk 0.03cvss —epss 0.36
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3, 2010 SP2, and 2013 SP1 allow remote attackers to…
- CVE-2013-0085Mar 13, 2013risk 0.03cvss —epss 0.34
Buffer overflow in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to cause a denial of service (W3WP process crash and site outage) via a crafted URL, aka "Buffer Overflow Vulnerability."
- CVE-2013-0007Jan 9, 2013risk 0.03cvss —epss 0.32
Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML XSLT Vulnerability."
- CVE-2009-1134Jun 10, 2009risk 0.03cvss —epss 0.36
Excel in 2007 Microsoft Office System SP1 and SP2; Microsoft Office Excel Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a BIFF file with a malformed Qsir (0x806)…
- CVE-2009-0561Jun 10, 2009risk 0.03cvss —epss 0.37
Integer overflow in Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel…
- CVE-2008-4019Oct 15, 2008risk 0.03cvss —epss 0.34
Integer overflow in the REPT function in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 SP3; Office Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office SharePoint…
- CVE-2008-3006Aug 12, 2008risk 0.03cvss —epss 0.36
Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 Gold and SP3; Office Excel Viewer; Office Compatibility Pack 2007 Gold and SP1; Office SharePoint Server 2007 Gold and SP1; and Office 2004 and 2008 for Mac do not…
- CVE-2023-24950May 9, 2023risk 0.02cvss —epss 0.67
Microsoft SharePoint Server Spoofing Vulnerability
- CVE-2022-44690Dec 13, 2022risk 0.02cvss —epss 0.82
Microsoft SharePoint Server Remote Code Execution Vulnerability
- CVE-2022-38053Oct 11, 2022risk 0.02cvss —epss 0.76
Microsoft SharePoint Server Remote Code Execution Vulnerability
- CVE-2020-16953Oct 16, 2020risk 0.02cvss —epss 0.04
An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit the…
- CVE-2020-16950Oct 16, 2020risk 0.02cvss —epss 0.04
An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit the…
- CVE-2020-16948Oct 16, 2020risk 0.02cvss —epss 0.04
An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit the…
- CVE-2020-1224Sep 11, 2020risk 0.02cvss —epss 0.04
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an…
- CVE-2020-1583Aug 17, 2020risk 0.02cvss —epss 0.05
An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an attacker could…
- CVE-2020-1503Aug 17, 2020risk 0.02cvss —epss 0.05
An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an attacker could…
- CVE-2020-1502Aug 17, 2020risk 0.02cvss —epss 0.05
An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an attacker could…
- CVE-2020-1445Jul 14, 2020risk 0.02cvss —epss 0.06
An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1342.
- CVE-2020-1439Jul 14, 2020risk 0.02cvss —epss 0.20
A remote code execution vulnerability exists in PerformancePoint Services for SharePoint Server when the software fails to check the source markup of XML file input, aka 'PerformancePoint Services Remote Code Execution Vulnerability'.
- CVE-2020-1342Jul 14, 2020risk 0.02cvss —epss 0.06
An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from…
Page 10 of 29