Total
376 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-36940 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Server | 2021-08-20 | 4.0 MEDIUM | 4.3 MEDIUM |
| Microsoft SharePoint Server Spoofing Vulnerability | |||||
| CVE-2010-3324 | 1 Microsoft | 6 Groove Server, Internet Explorer, Sharepoint Foundation and 3 more | 2021-07-23 | 4.3 MEDIUM | N/A |
| The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, Office SharePoint Server 2007 SP2, Groove Server 2010, and Office Web Apps, allows remote attackers to bypass the cross-site scripting (XSS) protection mechanism and conduct XSS attacks via a crafted use of the Cascading Style Sheets (CSS) @import rule, aka "HTML Sanitization Vulnerability," a different vulnerability than CVE-2010-1257. | |||||
| CVE-2010-3243 | 1 Microsoft | 8 Internet Explorer, Sharepoint Server, Sharepoint Services and 5 more | 2021-07-23 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2 and Office SharePoint Server 2007 SP2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "HTML Sanitization Vulnerability." | |||||
| CVE-2010-1257 | 1 Microsoft | 9 Internet Explorer, Office Infopath, Sharepoint Server and 6 more | 2021-07-23 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the toStaticHTML API, as used in Microsoft Office InfoPath 2003 SP3, 2007 SP1, and 2007 SP2; Office SharePoint Server 2007 SP1 and SP2; SharePoint Services 3.0 SP1 and SP2; and Internet Explorer 8 allows remote attackers to inject arbitrary web script or HTML via vectors related to sanitization. | |||||
| CVE-2021-34467 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2021-07-22 | 6.5 MEDIUM | 8.8 HIGH |
| Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34468, CVE-2021-34520. | |||||
| CVE-2021-34519 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2021-07-22 | 2.3 LOW | 3.5 LOW |
| Microsoft SharePoint Server Information Disclosure Vulnerability | |||||
| CVE-2021-34517 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2021-07-22 | 5.0 MEDIUM | 5.3 MEDIUM |
| Microsoft SharePoint Server Spoofing Vulnerability | |||||
| CVE-2021-34520 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2021-07-22 | 6.5 MEDIUM | 8.8 HIGH |
| Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34467, CVE-2021-34468. | |||||
| CVE-2020-17115 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2021-07-21 | 6.0 MEDIUM | 8.0 HIGH |
| Microsoft SharePoint Spoofing Vulnerability | |||||
| CVE-2020-17060 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Server | 2021-07-21 | 5.8 MEDIUM | 5.4 MEDIUM |
| Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from CVE-2020-17015, CVE-2020-17016. | |||||
| CVE-2020-17017 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2021-07-21 | 6.8 MEDIUM | 6.5 MEDIUM |
| Microsoft SharePoint Information Disclosure Vulnerability This CVE ID is unique from CVE-2020-16979. | |||||
| CVE-2020-0972 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2021-07-21 | 3.5 LOW | 5.4 MEDIUM |
| A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-0975, CVE-2020-0976, CVE-2020-0977. | |||||
| CVE-2020-17089 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2021-07-21 | 6.0 MEDIUM | 8.0 HIGH |
| Microsoft SharePoint Elevation of Privilege Vulnerability | |||||
| CVE-2020-1440 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Server | 2021-07-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| A tampering vulnerability exists when Microsoft SharePoint Server fails to properly handle profile data, aka 'Microsoft SharePoint Server Tampering Vulnerability'. This CVE ID is unique from CVE-2020-1523. | |||||
| CVE-2020-0892 | 1 Microsoft | 8 Office, Office 365 Proplus, Office Online Server and 5 more | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0850, CVE-2020-0851, CVE-2020-0852, CVE-2020-0855. | |||||
| CVE-2020-1448 | 1 Microsoft | 7 Office, Office Online Server, Office Web Apps and 4 more | 2021-07-21 | 6.8 MEDIUM | 8.8 HIGH |
| A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1446, CVE-2020-1447. | |||||
| CVE-2020-1295 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Server | 2021-07-21 | 6.5 MEDIUM | 8.8 HIGH |
| An elevation of privilege vulnerability exists in Microsoft SharePoint, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'. | |||||
| CVE-2020-1205 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2021-07-21 | 4.9 MEDIUM | 4.6 MEDIUM |
| A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. | |||||
| CVE-2020-1447 | 1 Microsoft | 8 365 Apps, Office, Office Online Server and 5 more | 2021-07-21 | 6.8 MEDIUM | 8.8 HIGH |
| A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1446, CVE-2020-1448. | |||||
| CVE-2020-1500 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Server | 2021-07-21 | 5.5 MEDIUM | 5.4 MEDIUM |
| A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-1499, CVE-2020-1501. | |||||