Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Microsoft Subscribe
Filtered by product Sharepoint Server
Total 376 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-36940 1 Microsoft 2 Sharepoint Enterprise Server, Sharepoint Server 2021-08-20 4.0 MEDIUM 4.3 MEDIUM
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2010-3324 1 Microsoft 6 Groove Server, Internet Explorer, Sharepoint Foundation and 3 more 2021-07-23 4.3 MEDIUM N/A
The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, Office SharePoint Server 2007 SP2, Groove Server 2010, and Office Web Apps, allows remote attackers to bypass the cross-site scripting (XSS) protection mechanism and conduct XSS attacks via a crafted use of the Cascading Style Sheets (CSS) @import rule, aka "HTML Sanitization Vulnerability," a different vulnerability than CVE-2010-1257.
CVE-2010-3243 1 Microsoft 8 Internet Explorer, Sharepoint Server, Sharepoint Services and 5 more 2021-07-23 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2 and Office SharePoint Server 2007 SP2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "HTML Sanitization Vulnerability."
CVE-2010-1257 1 Microsoft 9 Internet Explorer, Office Infopath, Sharepoint Server and 6 more 2021-07-23 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the toStaticHTML API, as used in Microsoft Office InfoPath 2003 SP3, 2007 SP1, and 2007 SP2; Office SharePoint Server 2007 SP1 and SP2; SharePoint Services 3.0 SP1 and SP2; and Internet Explorer 8 allows remote attackers to inject arbitrary web script or HTML via vectors related to sanitization.
CVE-2021-34467 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2021-07-22 6.5 MEDIUM 8.8 HIGH
Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34468, CVE-2021-34520.
CVE-2021-34519 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2021-07-22 2.3 LOW 3.5 LOW
Microsoft SharePoint Server Information Disclosure Vulnerability
CVE-2021-34517 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2021-07-22 5.0 MEDIUM 5.3 MEDIUM
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2021-34520 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2021-07-22 6.5 MEDIUM 8.8 HIGH
Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34467, CVE-2021-34468.
CVE-2020-17115 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2021-07-21 6.0 MEDIUM 8.0 HIGH
Microsoft SharePoint Spoofing Vulnerability
CVE-2020-17060 1 Microsoft 2 Sharepoint Enterprise Server, Sharepoint Server 2021-07-21 5.8 MEDIUM 5.4 MEDIUM
Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from CVE-2020-17015, CVE-2020-17016.
CVE-2020-17017 1 Microsoft 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server 2021-07-21 6.8 MEDIUM 6.5 MEDIUM
Microsoft SharePoint Information Disclosure Vulnerability This CVE ID is unique from CVE-2020-16979.
CVE-2020-0972 1 Microsoft 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server 2021-07-21 3.5 LOW 5.4 MEDIUM
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-0975, CVE-2020-0976, CVE-2020-0977.
CVE-2020-17089 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2021-07-21 6.0 MEDIUM 8.0 HIGH
Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2020-1440 1 Microsoft 2 Sharepoint Enterprise Server, Sharepoint Server 2021-07-21 4.0 MEDIUM 4.3 MEDIUM
A tampering vulnerability exists when Microsoft SharePoint Server fails to properly handle profile data, aka 'Microsoft SharePoint Server Tampering Vulnerability'. This CVE ID is unique from CVE-2020-1523.
CVE-2020-0892 1 Microsoft 8 Office, Office 365 Proplus, Office Online Server and 5 more 2021-07-21 9.3 HIGH 7.8 HIGH
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0850, CVE-2020-0851, CVE-2020-0852, CVE-2020-0855.
CVE-2020-1448 1 Microsoft 7 Office, Office Online Server, Office Web Apps and 4 more 2021-07-21 6.8 MEDIUM 8.8 HIGH
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1446, CVE-2020-1447.
CVE-2020-1295 1 Microsoft 2 Sharepoint Enterprise Server, Sharepoint Server 2021-07-21 6.5 MEDIUM 8.8 HIGH
An elevation of privilege vulnerability exists in Microsoft SharePoint, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'.
CVE-2020-1205 1 Microsoft 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server 2021-07-21 4.9 MEDIUM 4.6 MEDIUM
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'.
CVE-2020-1447 1 Microsoft 8 365 Apps, Office, Office Online Server and 5 more 2021-07-21 6.8 MEDIUM 8.8 HIGH
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1446, CVE-2020-1448.
CVE-2020-1500 1 Microsoft 2 Sharepoint Enterprise Server, Sharepoint Server 2021-07-21 5.5 MEDIUM 5.4 MEDIUM
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-1499, CVE-2020-1501.