Microsoft SharePoint - 536 CVEs (Page 2/5)

2022-06-15

High

CVE-2022-30157

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: N/A View on NVD

2022-05-11

High

CVE-2021-37851

Local privilege escalation in Windows products of ESET allows user who is logged into the system to exploit repair feature of the installer to run malicious code with higher privileges. This issue af…

CVSS: 7.3 CWE: CWE-280 - Improper Handling of Insufficient Permissions or Privileges View on NVD

2022-05-10

High

CVE-2022-29108

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: N/A View on NVD

High

CVE-2022-27167

Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows attacker to exploit "Repair" and "Uninstall" features what may lead to arbitrary file deletion. This issue affects:…

CVSS: 7.1 CWE: CWE-280 - Improper Handling of Insufficient Permissions or Privileges View on NVD

2022-04-15

High

CVE-2022-24472

Microsoft SharePoint Server Spoofing Vulnerability

CVSS: 8.0 CWE: N/A View on NVD

2022-03-02

Critical

CVE-2022-24306

Zoho ManageEngine SharePoint Manager Plus before 4329 allows account takeover because authorization is mishandled.

CVSS: 9.8 CWE: CWE-863 - Incorrect Authorization View on NVD

Critical

CVE-2022-24305

Zoho ManageEngine SharePoint Manager Plus before 4329 is vulnerable to a sensitive data leak that leads to privilege escalation.

CVSS: 9.8 CWE: N/A View on NVD

2022-02-09

High

CVE-2022-22005

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-502 - Deserialization of Untrusted Data View on NVD

High

CVE-2022-21987

Microsoft SharePoint Server Spoofing Vulnerability

CVSS: 8.0 CWE: N/A View on NVD

Medium

CVE-2022-21968

Microsoft SharePoint Server Security Feature Bypass Vulnerability

CVSS: 4.3 CWE: N/A View on NVD

2022-01-11

High

CVE-2022-21837

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVSS: 8.3 CWE: N/A View on NVD

2021-12-29

High

CVE-2021-43876

Microsoft SharePoint Elevation of Privilege Vulnerability

CVSS: 8.8 CWE: N/A View on NVD

2021-12-15

High

CVE-2021-43242

Microsoft SharePoint Server Spoofing Vulnerability

CVSS: 7.6 CWE: N/A View on NVD

High

CVE-2021-42320

Microsoft SharePoint Server Spoofing Vulnerability

CVSS: 8.0 CWE: CWE-290 - Authentication Bypass by Spoofing View on NVD

High

CVE-2021-42309

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-94 - Improper Control of Generation of Code ('Code Injection') View on NVD

High

CVE-2021-42294

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVSS: 7.2 CWE: N/A View on NVD

2021-10-13

High

CVE-2021-41344

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVSS: 8.1 CWE: N/A View on NVD

High

CVE-2021-40487

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVSS: 8.1 CWE: CWE-94 - Improper Control of Generation of Code ('Code Injection') View on NVD

High

CVE-2021-40484

Microsoft SharePoint Server Spoofing Vulnerability

CVSS: 7.6 CWE: N/A View on NVD

High

CVE-2021-40483

Microsoft SharePoint Server Spoofing Vulnerability

CVSS: 7.6 CWE: N/A View on NVD

Medium

CVE-2021-40482

Microsoft SharePoint Server Information Disclosure Vulnerability

CVSS: 5.3 CWE: N/A View on NVD

2021-09-15

High

CVE-2021-38652

Microsoft SharePoint Server Spoofing Vulnerability

CVSS: 7.6 CWE: N/A View on NVD

High

CVE-2021-38651

Microsoft SharePoint Server Spoofing Vulnerability

CVSS: 7.6 CWE: N/A View on NVD

2021-08-12

High

CVE-2021-36940

Microsoft SharePoint Server Spoofing Vulnerability

CVSS: 7.6 CWE: N/A View on NVD

2021-07-16

High

CVE-2021-34467

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVSS: 7.1 CWE: N/A View on NVD

2021-07-14

High

CVE-2021-34520

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVSS: 8.1 CWE: CWE-502 - Deserialization of Untrusted Data View on NVD

Medium

CVE-2021-34519

Microsoft SharePoint Server Information Disclosure Vulnerability

CVSS: 5.3 CWE: N/A View on NVD

Medium

CVE-2021-34517

Microsoft SharePoint Server Spoofing Vulnerability

CVSS: 5.3 CWE: N/A View on NVD

High

CVE-2021-34468

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVSS: 7.1 CWE: N/A View on NVD

2021-06-08

High

CVE-2021-31966

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVSS: 7.2 CWE: N/A View on NVD

Medium

CVE-2021-31965

Microsoft SharePoint Server Information Disclosure Vulnerability

CVSS: 5.7 CWE: N/A View on NVD

High

CVE-2021-31964

Microsoft SharePoint Server Spoofing Vulnerability

CVSS: 7.6 CWE: N/A View on NVD

High

CVE-2021-31963

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVSS: 7.1 CWE: N/A View on NVD

High

CVE-2021-31950

Microsoft SharePoint Server Spoofing Vulnerability

CVSS: 7.6 CWE: CWE-918 - Server-Side Request Forgery (SSRF) View on NVD

High

CVE-2021-31948

Microsoft SharePoint Server Spoofing Vulnerability

CVSS: 7.6 CWE: N/A View on NVD

High

CVE-2021-26420

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVSS: 7.1 CWE: N/A View on NVD

2021-05-11

High

CVE-2021-31181

Microsoft SharePoint Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-94 - Improper Control of Generation of Code ('Code Injection') View on NVD

Medium

CVE-2021-31173

Microsoft SharePoint Server Information Disclosure Vulnerability

CVSS: 5.3 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD

High

CVE-2021-31172

Microsoft SharePoint Server Spoofing Vulnerability

CVSS: 7.1 CWE: CWE-290 - Authentication Bypass by Spoofing View on NVD

Medium

CVE-2021-31171

Microsoft SharePoint Information Disclosure Vulnerability

CVSS: 4.1 CWE: N/A View on NVD

High

CVE-2021-28478

Microsoft SharePoint Server Spoofing Vulnerability

CVSS: 7.6 CWE: CWE-290 - Authentication Bypass by Spoofing View on NVD

High

CVE-2021-28474

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-436 - Interpretation Conflict View on NVD

Medium

CVE-2021-26418

Microsoft SharePoint Server Spoofing Vulnerability

CVSS: 4.6 CWE: CWE-290 - Authentication Bypass by Spoofing View on NVD

2021-04-13

Medium

CVE-2021-28450

Microsoft SharePoint Denial of Service Vulnerability

CVSS: 5.0 CWE: N/A View on NVD

2021-03-11

High

CVE-2021-27076

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: N/A View on NVD

Medium

CVE-2021-27052

Microsoft SharePoint Server Information Disclosure Vulnerability

CVSS: 5.3 CWE: N/A View on NVD

Medium

CVE-2021-24104

Microsoft SharePoint Server Spoofing Vulnerability

CVSS: 4.6 CWE: N/A View on NVD

2021-02-25

High

CVE-2021-24072

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: N/A View on NVD

Medium

CVE-2021-24071

Microsoft SharePoint Information Disclosure Vulnerability

CVSS: 5.3 CWE: N/A View on NVD

High

CVE-2021-24066

Microsoft SharePoint Remote Code Execution Vulnerability

CVSS: 8.8 CWE: CWE-502 - Deserialization of Untrusted Data View on NVD

High

CVE-2021-1726

Microsoft SharePoint Server Spoofing Vulnerability

CVSS: 8.0 CWE: N/A View on NVD

2021-01-26

Medium

CVE-2020-26941

A local (authenticated) low-privileged user can exploit a behavior in an ESET installer to achieve arbitrary file overwrite (deletion) of any file via a symlink, due to insecure permissions. The poss…

CVSS: 5.5 CWE: CWE-276 - Incorrect Default Permissions View on NVD

2021-01-12

High

CVE-2021-1719

Microsoft SharePoint Elevation of Privilege Vulnerability

CVSS: 8.0 CWE: CWE-269 - Improper Privilege Management View on NVD

High

CVE-2021-1718

Microsoft SharePoint Server Tampering Vulnerability

CVSS: 8.0 CWE: N/A View on NVD

Medium

CVE-2021-1717

Microsoft SharePoint Server Spoofing Vulnerability

CVSS: 4.6 CWE: N/A View on NVD

High

CVE-2021-1712

Microsoft SharePoint Elevation of Privilege Vulnerability

CVSS: 8.0 CWE: CWE-269 - Improper Privilege Management View on NVD

High

CVE-2021-1707

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVSS: 8.8 CWE: N/A View on NVD

Medium

CVE-2021-1641

Microsoft SharePoint Server Spoofing Vulnerability

CVSS: 4.6 CWE: N/A View on NVD

2020-12-10

High

CVE-2020-17121

Microsoft SharePoint Remote Code Execution Vulnerability

CVSS: 8.8 CWE: N/A View on NVD

Medium

CVE-2020-17120

Microsoft SharePoint Information Disclosure Vulnerability

CVSS: 5.3 CWE: N/A View on NVD

High

CVE-2020-17118

Microsoft SharePoint Remote Code Execution Vulnerability

CVSS: 8.1 CWE: N/A View on NVD

High

CVE-2020-17115

Microsoft SharePoint Server Spoofing Vulnerability

CVSS: 8.0 CWE: N/A View on NVD

High

CVE-2020-17089

Microsoft SharePoint Elevation of Privilege Vulnerability

CVSS: 7.1 CWE: N/A View on NVD

2020-11-11

High

CVE-2020-17061

Microsoft SharePoint Remote Code Execution Vulnerability

CVSS: 8.8 CWE: N/A View on NVD

Medium

CVE-2020-17060

Microsoft SharePoint Server Spoofing Vulnerability

CVSS: 5.4 CWE: N/A View on NVD

Medium

CVE-2020-17017

Microsoft SharePoint Information Disclosure Vulnerability

CVSS: 5.3 CWE: N/A View on NVD

High

CVE-2020-17016

Microsoft SharePoint Server Spoofing Vulnerability

CVSS: 8.0 CWE: N/A View on NVD

Medium

CVE-2020-17015

Microsoft SharePoint Server Spoofing Vulnerability

CVSS: 4.3 CWE: N/A View on NVD

Medium

CVE-2020-16979

Microsoft SharePoint Information Disclosure Vulnerability

CVSS: 5.3 CWE: N/A View on NVD

2020-10-16

Medium

CVE-2020-16953

An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain i…

CVSS: 6.5 CWE: N/A View on NVD

High

CVE-2020-16952

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulner…

CVSS: 8.6 CWE: CWE-346 - Origin Validation Error View on NVD

High

CVE-2020-16951

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulner…

CVSS: 8.6 CWE: CWE-346 - Origin Validation Error View on NVD

Medium

CVE-2020-16950

An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain i…

CVSS: 5.0 CWE: N/A View on NVD

Medium

CVE-2020-16948

An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain i…

CVSS: 6.5 CWE: N/A View on NVD

High

CVE-2020-16946

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated att…

CVSS: 8.7 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

High

CVE-2020-16945

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated att…

CVSS: 8.7 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

High

CVE-2020-16944

This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server. An authenticated attacker could exploit this vul…

CVSS: 8.7 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

Medium

CVE-2020-16942

An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages. An attacker who took advantage of this…

CVSS: 4.1 CWE: N/A View on NVD

Medium

CVE-2020-16941

An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages. An attacker who took advantage of this…

CVSS: 4.1 CWE: N/A View on NVD

2020-09-11

Critical

CVE-2020-1595

A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input. An attacker who successfully exploited the vulnerability could run…

CVSS: 9.9 CWE: CWE-494 - Download of Code Without Integrity Check View on NVD

High

CVE-2020-1576

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulner…

CVSS: 8.5 CWE: CWE-494 - Download of Code Without Integrity Check View on NVD

Medium

CVE-2020-1575

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated att…

CVSS: 5.4 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

High

CVE-2020-1523

A tampering vulnerability exists when Microsoft SharePoint Server fails to properly handle profile data. An attacker who successfully exploited this vulnerability could modify a targeted user's pr…

CVSS: 8.9 CWE: N/A View on NVD

Medium

CVE-2020-1514

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated att…

CVSS: 5.4 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

Medium

CVE-2020-1482

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated att…

CVSS: 6.3 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

High

CVE-2020-1460

A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls. An authenticated attacker who successfully ex…

CVSS: 8.6 CWE: N/A View on NVD

High

CVE-2020-1453

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulner…

CVSS: 8.6 CWE: CWE-494 - Download of Code Without Integrity Check View on NVD

High

CVE-2020-1452

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulner…

CVSS: 8.6 CWE: CWE-494 - Download of Code Without Integrity Check View on NVD

Medium

CVE-2020-1440

A tampering vulnerability exists when Microsoft SharePoint Server fails to properly handle profile data. An attacker who successfully exploited this vulnerability could modify a targeted user's pr…

CVSS: 6.3 CWE: N/A View on NVD

High

CVE-2020-1345

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated att…

CVSS: 7.4 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

Medium

CVE-2020-1227

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated att…

CVSS: 5.4 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

Critical

CVE-2020-1210

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulner…

CVSS: 9.9 CWE: CWE-494 - Download of Code Without Integrity Check View on NVD

Medium

CVE-2020-1205

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploi…

CVSS: 4.6 CWE: N/A View on NVD

High

CVE-2020-1200

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulner…

CVSS: 8.6 CWE: CWE-494 - Download of Code Without Integrity Check View on NVD

High

CVE-2020-1198

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated att…

CVSS: 7.4 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

2020-08-17

Medium

CVE-2020-1580

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attack…

CVSS: 5.4 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

Medium

CVE-2020-1573

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attack…

CVSS: 5.5 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

Medium

CVE-2020-1505

An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain info…

CVSS: 5.5 CWE: N/A View on NVD

Medium

CVE-2020-1501

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit t…

CVSS: 5.4 CWE: N/A View on NVD

Medium

CVE-2020-1500

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit t…

CVSS: 5.4 CWE: N/A View on NVD

Medium

CVE-2020-1499

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit t…

CVSS: 5.4 CWE: N/A View on NVD

2020-07-14

Medium

CVE-2020-1456

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office S…

CVSS: 5.4 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

Medium

CVE-2020-1454

This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.An authenticated attacker could exploit this vulnerability…

CVSS: 5.4 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

Medium

CVE-2020-1451

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office S…

CVSS: 5.4 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

Medium

CVE-2020-1450

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office S…

CVSS: 5.4 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

Medium

CVE-2020-1444

A remote code execution vulnerability exists in the way Microsoft SharePoint software parses specially crafted email messages, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'.

CVSS: 4.3 CWE: N/A View on NVD

Medium

CVE-2020-1443

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulner…

CVSS: 5.4 CWE: N/A View on NVD

High

CVE-2020-1439

A remote code execution vulnerability exists in PerformancePoint Services for SharePoint Server when the software fails to check the source markup of XML file input, aka 'PerformancePoint Services Re…

CVSS: 8.8 CWE: CWE-502 - Deserialization of Untrusted Data View on NVD

High

CVE-2020-1147

A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, Shar…

CVSS: 7.8 CWE: N/A View on NVD

Critical

CVE-2020-1025

An elevation of privilege vulnerability exists when Microsoft SharePoint Server and Skype for Business Server improperly handle OAuth token validation. An attacker who successfully exploited the vuln…

CVSS: 9.8 CWE: CWE-20 - Improper Input Validation View on NVD

2020-06-09

Medium

CVE-2020-1323

An open redirect vulnerability exists in Microsoft SharePoint that could lead to spoofing.To exploit the vulnerability, an attacker could send a link that has a specially crafted URL and convince the…

CVSS: 6.1 CWE: CWE-601 - URL Redirection to Untrusted Site ('Open Redirect') View on NVD

Medium

CVE-2020-1320

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office S…

CVSS: 5.4 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

Medium

CVE-2020-1318

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office S…

CVSS: 5.4 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

Medium

CVE-2020-1298

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office S…

CVSS: 5.4 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

Medium

CVE-2020-1297

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office S…

CVSS: 5.4 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

High

CVE-2020-1295

An elevation of privilege vulnerability exists in Microsoft SharePoint, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'.

CVSS: 8.8 CWE: N/A View on NVD

Medium

CVE-2020-1289

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulner…

CVSS: 5.4 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

Medium

CVE-2020-1183

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office S…

CVSS: 5.4 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

High

CVE-2020-1181

A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls, aka 'Microsoft SharePoint Server Remote Code Exe…

CVSS: 8.8 CWE: N/A View on NVD

High

CVE-2020-1178

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted authentication request to an affected SharePoint server, aka 'Microsoft…

CVSS: 8.8 CWE: N/A View on NVD

About “Microsoft SharePoint”

CVE-2022-30157

CVE-2021-37851

CVE-2022-29108

CVE-2022-27167

CVE-2022-24472

CVE-2022-24306

CVE-2022-24305

CVE-2022-22005

CVE-2022-21987

CVE-2022-21968

CVE-2022-21837

CVE-2021-43876

CVE-2021-43242

CVE-2021-42320

CVE-2021-42309

CVE-2021-42294

CVE-2021-41344

CVE-2021-40487

CVE-2021-40484

CVE-2021-40483

CVE-2021-40482

CVE-2021-38652

CVE-2021-38651

CVE-2021-36940

CVE-2021-34467

CVE-2021-34520

CVE-2021-34519

CVE-2021-34517

CVE-2021-34468

CVE-2021-31966

CVE-2021-31965

CVE-2021-31964

CVE-2021-31963

CVE-2021-31950

CVE-2021-31948

CVE-2021-26420

CVE-2021-31181

CVE-2021-31173

CVE-2021-31172

CVE-2021-31171

CVE-2021-28478

CVE-2021-28474

CVE-2021-26418

CVE-2021-28450

CVE-2021-27076

CVE-2021-27052

CVE-2021-24104

CVE-2021-24072

CVE-2021-24071

CVE-2021-24066

CVE-2021-1726

CVE-2020-26941

CVE-2021-1719

CVE-2021-1718

CVE-2021-1717

CVE-2021-1712

CVE-2021-1707

CVE-2021-1641

CVE-2020-17121

CVE-2020-17120

CVE-2020-17118

CVE-2020-17115

CVE-2020-17089

CVE-2020-17061

CVE-2020-17060

CVE-2020-17017

CVE-2020-17016

CVE-2020-17015

CVE-2020-16979

CVE-2020-16953

CVE-2020-16952

CVE-2020-16951

CVE-2020-16950

CVE-2020-16948

CVE-2020-16946

CVE-2020-16945

CVE-2020-16944

CVE-2020-16942

CVE-2020-16941