Office SharePoint
by Microsoft
CVEs (192)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-47298 | Hig | 0.52 | 8.0 | 0.01 | Jun 9, 2026 | Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | ||
| CVE-2026-47294 | Hig | 0.52 | 8.0 | 0.01 | Jun 1, 2026 | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | ||
| CVE-2025-62204 | Hig | 0.52 | 8.0 | 0.02 | Nov 11, 2025 | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | ||
| CVE-2023-36892 | Hig | 0.52 | 8.0 | 0.02 | Aug 8, 2023 | Microsoft SharePoint Server Spoofing Vulnerability | ||
| CVE-2023-36891 | Hig | 0.52 | 8.0 | 0.02 | Aug 8, 2023 | Microsoft SharePoint Server Spoofing Vulnerability | ||
| CVE-2022-24472 | Hig | 0.52 | 8.0 | 0.02 | Apr 15, 2022 | Microsoft SharePoint Server Spoofing Vulnerability | ||
| CVE-2022-21987 | Hig | 0.52 | 8.0 | 0.02 | Feb 9, 2022 | Microsoft SharePoint Server Spoofing Vulnerability | ||
| CVE-2020-17115 | Hig | 0.52 | 8.0 | 0.03 | Dec 10, 2020 | Microsoft SharePoint Server Spoofing Vulnerability | ||
| CVE-2018-8628 | Hig | 0.52 | 7.8 | 0.16 | Dec 12, 2018 | A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint,… | ||
| CVE-2018-8161 | Hig | 0.52 | 7.8 | 0.20 | May 9, 2018 | A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Word, Word, Microsoft Office, Microsoft SharePoint. This CVE… | ||
| CVE-2026-20951 | Hig | 0.51 | 7.8 | 0.01 | Jan 13, 2026 | Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally. | ||
| CVE-2026-20948 | Hig | 0.51 | 7.8 | 0.01 | Jan 13, 2026 | Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-62562 | Hig | 0.51 | 7.8 | 0.01 | Dec 9, 2025 | Use after free in Microsoft Office Outlook allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-62559 | Hig | 0.51 | 7.8 | 0.01 | Dec 9, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-62558 | Hig | 0.51 | 7.8 | 0.01 | Dec 9, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-59222 | Hig | 0.51 | 7.8 | 0.00 | Oct 14, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-54906 | Hig | 0.51 | 7.8 | 0.01 | Sep 9, 2025 | Free of memory not on the heap in Microsoft Office allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-49703 | Hig | 0.51 | 7.8 | 0.01 | Jul 8, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-47169 | Hig | 0.51 | 7.8 | 0.01 | Jun 10, 2025 | Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-47168 | Hig | 0.51 | 7.8 | 0.01 | Jun 10, 2025 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
- risk 0.52cvss 8.0epss 0.01
Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
- risk 0.52cvss 8.0epss 0.01
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
- risk 0.52cvss 8.0epss 0.02
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
- risk 0.52cvss 8.0epss 0.02
Microsoft SharePoint Server Spoofing Vulnerability
- risk 0.52cvss 8.0epss 0.02
Microsoft SharePoint Server Spoofing Vulnerability
- risk 0.52cvss 8.0epss 0.02
Microsoft SharePoint Server Spoofing Vulnerability
- risk 0.52cvss 8.0epss 0.02
Microsoft SharePoint Server Spoofing Vulnerability
- risk 0.52cvss 8.0epss 0.03
Microsoft SharePoint Server Spoofing Vulnerability
- risk 0.52cvss 7.8epss 0.16
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint,…
- risk 0.52cvss 7.8epss 0.20
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Word, Word, Microsoft Office, Microsoft SharePoint. This CVE…
- risk 0.51cvss 7.8epss 0.01
Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Use after free in Microsoft Office Outlook allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.00
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Free of memory not on the heap in Microsoft Office allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.01
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Page 4 of 10