Sharepoint Foundation
by Microsoft
CVEs (185)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-1101 | 0.00 | — | 0.02 | May 21, 2020 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1099,… | |||
| CVE-2020-0978 | 0.00 | — | 0.02 | Apr 15, 2020 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923,… | |||
| CVE-2020-0976 | 0.00 | — | 0.02 | Apr 15, 2020 | A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-0972, CVE-2020-0975, CVE-2020-0977. | |||
| CVE-2020-0975 | 0.00 | — | 0.02 | Apr 15, 2020 | A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-0972, CVE-2020-0976, CVE-2020-0977. | |||
| CVE-2020-0972 | 0.00 | — | 0.02 | Apr 15, 2020 | A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-0975, CVE-2020-0976, CVE-2020-0977. | |||
| CVE-2020-0933 | 0.00 | — | 0.02 | Apr 15, 2020 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923,… | |||
| CVE-2020-0923 | 0.00 | — | 0.02 | Apr 15, 2020 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0924,… | |||
| CVE-2020-0924 | 0.00 | — | 0.02 | Apr 15, 2020 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923,… | |||
| CVE-2020-0925 | 0.00 | — | 0.02 | Apr 15, 2020 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923,… | |||
| CVE-2020-0894 | 0.00 | — | 0.01 | Mar 12, 2020 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0893. | |||
| CVE-2020-0891 | 0.00 | — | 0.02 | Mar 12, 2020 | This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server, aka… | |||
| CVE-2020-0795 | 0.00 | — | 0.02 | Mar 12, 2020 | This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server, aka… | |||
| CVE-2019-1328 | 0.00 | — | 0.01 | Oct 10, 2019 | A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. | |||
| CVE-2019-1329 | 0.00 | — | 0.01 | Oct 10, 2019 | An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1330. | |||
| CVE-2019-1070 | 0.00 | — | 0.01 | Oct 10, 2019 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. | |||
| CVE-2019-1259 | 0.00 | — | 0.01 | Sep 11, 2019 | A spoofing vulnerability exists in Microsoft SharePoint when it improperly handles requests to authorize applications, resulting in cross-site request forgery (CSRF).To exploit this vulnerability, an attacker would need to create a page specifically designed to cause a… | |||
| CVE-2019-1261 | 0.00 | — | 0.01 | Sep 11, 2019 | A spoofing vulnerability exists in Microsoft SharePoint when it improperly handles requests to authorize applications, resulting in cross-site request forgery (CSRF).To exploit this vulnerability, an attacker would need to create a page specifically designed to cause a… | |||
| CVE-2019-1202 | 0.00 | — | 0.02 | Aug 14, 2019 | An information disclosure vulnerability exists in the way Microsoft SharePoint handles session objects. An authenticated attacker who successfully exploited the vulnerability could hijack the session of another user. To exploit this vulnerability, the attacker could run a… | |||
| CVE-2019-1006 | 0.00 | — | 0.06 | Jul 15, 2019 | An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'. | |||
| CVE-2019-0963 | 0.00 | — | 0.02 | May 16, 2019 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. |
- CVE-2020-1101May 21, 2020risk 0.00cvss —epss 0.02
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1099,…
- CVE-2020-0978Apr 15, 2020risk 0.00cvss —epss 0.02
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923,…
- CVE-2020-0976Apr 15, 2020risk 0.00cvss —epss 0.02
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-0972, CVE-2020-0975, CVE-2020-0977.
- CVE-2020-0975Apr 15, 2020risk 0.00cvss —epss 0.02
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-0972, CVE-2020-0976, CVE-2020-0977.
- CVE-2020-0972Apr 15, 2020risk 0.00cvss —epss 0.02
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-0975, CVE-2020-0976, CVE-2020-0977.
- CVE-2020-0933Apr 15, 2020risk 0.00cvss —epss 0.02
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923,…
- CVE-2020-0923Apr 15, 2020risk 0.00cvss —epss 0.02
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0924,…
- CVE-2020-0924Apr 15, 2020risk 0.00cvss —epss 0.02
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923,…
- CVE-2020-0925Apr 15, 2020risk 0.00cvss —epss 0.02
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923,…
- CVE-2020-0894Mar 12, 2020risk 0.00cvss —epss 0.01
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0893.
- CVE-2020-0891Mar 12, 2020risk 0.00cvss —epss 0.02
This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server, aka…
- CVE-2020-0795Mar 12, 2020risk 0.00cvss —epss 0.02
This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server, aka…
- CVE-2019-1328Oct 10, 2019risk 0.00cvss —epss 0.01
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'.
- CVE-2019-1329Oct 10, 2019risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1330.
- CVE-2019-1070Oct 10, 2019risk 0.00cvss —epss 0.01
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'.
- CVE-2019-1259Sep 11, 2019risk 0.00cvss —epss 0.01
A spoofing vulnerability exists in Microsoft SharePoint when it improperly handles requests to authorize applications, resulting in cross-site request forgery (CSRF).To exploit this vulnerability, an attacker would need to create a page specifically designed to cause a…
- CVE-2019-1261Sep 11, 2019risk 0.00cvss —epss 0.01
A spoofing vulnerability exists in Microsoft SharePoint when it improperly handles requests to authorize applications, resulting in cross-site request forgery (CSRF).To exploit this vulnerability, an attacker would need to create a page specifically designed to cause a…
- CVE-2019-1202Aug 14, 2019risk 0.00cvss —epss 0.02
An information disclosure vulnerability exists in the way Microsoft SharePoint handles session objects. An authenticated attacker who successfully exploited the vulnerability could hijack the session of another user. To exploit this vulnerability, the attacker could run a…
- CVE-2019-1006Jul 15, 2019risk 0.00cvss —epss 0.06
An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'.
- CVE-2019-0963May 16, 2019risk 0.00cvss —epss 0.02
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'.
Page 9 of 10