VYPR

Sharepoint Server

by Microsoft

CVEs (575)

  • CVE-2025-53771Jul 20, 2025
    risk 0.06cvss epss 1.00

    Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2021-31181May 11, 2021
    risk 0.06cvss epss 0.30

    Microsoft SharePoint Remote Code Execution Vulnerability

  • CVE-2015-2468Aug 15, 2015
    risk 0.06cvss epss 0.43

    Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office for Mac 2011, Office for Mac 2016, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Word Web Apps 2010 SP2, and Office…

  • CVE-2013-0081Sep 11, 2013
    risk 0.06cvss epss 0.77

    Microsoft SharePoint Portal Server 2003 SP3 and SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 do not properly process unassigned workflows, which allows remote attackers to cause a denial of service (W3WP process hang) via a crafted URL, aka "SharePoint Denial of…

  • CVE-2011-1892Sep 15, 2011
    risk 0.06cvss epss 0.38

    Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and SP1, Office Forms Server 2007 SP2, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Office Groove Data Bridge Server 2007 SP2, Office Groove Management Server 2007 SP2, Groove…

  • CVE-2009-3830Oct 30, 2009
    risk 0.06cvss epss 0.33

    The download functionality in Team Services in Microsoft Office SharePoint Server 2007 12.0.0.4518 and 12.0.0.6219 allows remote attackers to read ASP.NET source code via pathnames in the SourceUrl and Source parameters to _layouts/download.aspx.

  • CVE-2007-2581May 9, 2007
    risk 0.06cvss epss 0.36

    Multiple cross-site scripting (XSS) vulnerabilities in Microsoft Windows SharePoint Services 3.0 for Windows Server 2003 and Office SharePoint Server 2007 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO (query string) in "every main page," as…

  • CVE-2024-43464Sep 10, 2024
    risk 0.05cvss epss 0.36

    Microsoft SharePoint Server Remote Code Execution Vulnerability

  • CVE-2024-30043May 14, 2024
    risk 0.05cvss epss 0.55

    Microsoft SharePoint Server Information Disclosure Vulnerability

  • CVE-2015-0064Feb 11, 2015
    risk 0.05cvss epss 0.30

    Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word Automation Services in SharePoint Server 2010, Web Applications 2010 SP2, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory…

  • CVE-2013-3180Sep 11, 2013
    risk 0.05cvss epss 0.66

    Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1 and SP2 and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted POST request, aka "POST XSS Vulnerability."

  • CVE-2010-3324Sep 17, 2010
    risk 0.05cvss epss 0.25

    The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, Office SharePoint Server 2007 SP2, Groove Server 2010, and Office Web Apps, allows remote attackers to bypass the…

  • CVE-2010-0817Apr 29, 2010
    risk 0.05cvss epss 0.29

    Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in Microsoft SharePoint Server 2007 12.0.0.6421 and possibly earlier, and SharePoint Services 3.0 SP1 and SP2, versions, allows remote attackers to inject arbitrary web script or HTML via the cid0 parameter.

  • CVE-2025-47166Jun 10, 2025
    risk 0.04cvss epss 0.13

    Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

  • CVE-2024-38018Sep 10, 2024
    risk 0.04cvss epss 0.51

    Microsoft SharePoint Server Remote Code Execution Vulnerability

  • CVE-2023-28288Apr 11, 2023
    risk 0.04cvss epss 0.06

    Microsoft SharePoint Server Spoofing Vulnerability

  • CVE-2020-1447Jul 14, 2020
    risk 0.04cvss epss 0.11

    A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1446, CVE-2020-1448.

  • CVE-2020-1181Jun 9, 2020
    risk 0.04cvss epss 0.69

    A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls, aka 'Microsoft SharePoint Server Remote Code Execution Vulnerability'.

  • CVE-2013-3179Sep 11, 2013
    risk 0.04cvss epss 0.14

    Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "SharePoint XSS Vulnerability."

  • CVE-2008-4032Dec 10, 2008
    risk 0.04cvss epss 0.48

    Microsoft Office SharePoint Server 2007 Gold and SP1 and Microsoft Search Server 2008 do not properly perform authentication and authorization for administrative functions, which allows remote attackers to cause a denial of service (server load), obtain sensitive information,…

Page 8 of 29