VYPR

Sharepoint Server

by Microsoft

CVEs (575)

  • CVE-2026-40365HigMay 12, 2026
    risk 0.57cvss 8.8epss 0.01

    Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

  • CVE-2026-40357HigMay 12, 2026
    risk 0.57cvss 8.8epss 0.02

    Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

  • CVE-2026-35439HigMay 12, 2026
    risk 0.57cvss 8.8epss 0.02

    Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

  • CVE-2026-33112HigMay 12, 2026
    risk 0.57cvss 8.8epss 0.02

    Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

  • CVE-2026-33110HigMay 12, 2026
    risk 0.57cvss 8.8epss 0.02

    Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

  • CVE-2017-11876HigNov 15, 2017
    risk 0.57cvss 8.8epss 0.02

    Microsoft Project Server and Microsoft SharePoint Enterprise Server 2016 allow an attacker to use cross-site forgery to read content that they are not authorized to read, use the victim's identity to take actions on the web application on behalf of the victim, such as change…

  • CVE-2010-0258HigMar 10, 2010
    risk 0.56cvss 7.8epss 0.61

    Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 do not properly…

  • CVE-2026-45458HigJun 9, 2026
    risk 0.55cvss 8.4epss 0.00

    Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.

  • CVE-2026-45456HigJun 9, 2026
    risk 0.55cvss 8.4epss 0.00

    Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.

  • CVE-2026-40367HigMay 12, 2026
    risk 0.55cvss 8.4epss 0.00

    Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally.

  • CVE-2026-32201MedKEVApr 14, 2026
    risk 0.55cvss 6.5epss 0.24

    Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2017-8501HigJul 11, 2017
    risk 0.53cvss 7.8epss 0.23

    Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8502.

  • CVE-2017-0030HigMar 17, 2017
    risk 0.53cvss 7.8epss 0.26

    Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Office Web Apps Server 2010 SP2, Word 2007 SP3, Word 2010 SP2, and Word Automation Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption)…

  • CVE-2017-0003HigJan 10, 2017
    risk 0.53cvss 7.8epss 0.25

    Microsoft Word 2016 and SharePoint Enterprise Server 2016 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."

  • CVE-2016-3282HigJul 13, 2016
    risk 0.53cvss 7.8epss 0.26

    Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint…

  • CVE-2026-47298HigJun 9, 2026
    risk 0.52cvss 8.0epss 0.01

    Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

  • CVE-2026-40368HigMay 12, 2026
    risk 0.52cvss 8.0epss 0.02

    Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

  • CVE-2018-8161HigMay 9, 2018
    risk 0.52cvss 7.8epss 0.20

    A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Word, Word, Microsoft Office, Microsoft SharePoint. This CVE…

  • CVE-2017-8743HigSep 13, 2017
    risk 0.52cvss 7.8epss 0.21

    A remote code execution vulnerability exists in Microsoft PowerPoint 2016, Microsoft SharePoint Enterprise Server 2016, and Office Online Server when they fail to properly handle objects in memory, aka "PowerPoint Remote Code Execution Vulnerability". This CVE ID is unique from…

  • CVE-2017-8742HigSep 13, 2017
    risk 0.52cvss 7.8epss 0.21

    A remote code execution vulnerability exists in Microsoft PowerPoint 2007 Service Pack 3, Microsoft PowerPoint 2010 Service Pack 2, Microsoft PowerPoint 2013 Service Pack 1, Microsoft PowerPoint 2013 RT Service Pack 1, Microsoft PowerPoint 2016, Microsoft PowerPoint Viewer 2007,…

Page 2 of 29