Home/Product/microsoft sharepoint server
Product

microsoft sharepoint server

476 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-40368
< 16.0.19725.20280
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
8.0HIGH
 CVE-2026-40365
< 16.0.19725.20280
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
8.8HIGH
 CVE-2026-40357
< 16.0.19725.20280
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
8.8HIGH
 CVE-2026-35439
< 16.0.19725.20280
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
8.8HIGH
 CVE-2026-33112
< 16.0.19725.20280
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
8.8HIGH
 CVE-2026-33110
< 16.0.19725.20280
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
8.8HIGH
 CVE-2026-32201
< 16.0.19725.20210
Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.
6.5MEDIUM
 CVE-2026-20945
< 16.0.19725.20210
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an auth
4.6MEDIUM
 CVE-2026-26114
all versions
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
8.8HIGH
 CVE-2026-26113
< 16.0.19725.20076
Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally.
8.4HIGH
 CVE-2026-26106
< 16.0.19725.20076
Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
8.8HIGH
 CVE-2026-26105
< 16.0.19725.20076
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an unau
8.1HIGH
 CVE-2026-21511
< 16.0.19127.20518
Deserialization of untrusted data in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network.
7.5HIGH
 CVE-2026-21260
< 16.0.19127.20518
Exposure of sensitive information to an unauthorized actor in Microsoft Office Outlook allows an unauthorized attacker to perform
7.5HIGH
 CVE-2026-20963
< 16.0.19127.20442
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code over a network.
9.8CRITICAL
 CVE-2026-20959
< 16.0.19127.20442
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an auth
4.6MEDIUM
 CVE-2026-20958
< 16.0.19127.20442
Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an authorized attacker to disclose information over a net
5.4MEDIUM
 CVE-2026-20951
< 16.0.19127.20442
Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.
7.8HIGH
 CVE-2026-20948
all versions
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
7.8HIGH
 CVE-2026-20947
< 16.0.19127.20442
Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Office SharePoint allows an auth
8.8HIGH
 CVE-2026-20943
< 16.0.19127.20442
Untrusted search path in Microsoft Office allows an unauthorized attacker to execute code locally.
7.0HIGH
 CVE-2025-64672
< 16.0.19127.20378
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an auth
8.8HIGH
 CVE-2025-62562
all versions
Use after free in Microsoft Office Outlook allows an unauthorized attacker to execute code locally.
7.8HIGH
 CVE-2025-62559
all versions
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
7.8HIGH
 CVE-2025-62558
all versions
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
7.8HIGH
 CVE-2025-62555
all versions
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
7.0HIGH
 CVE-2025-62204
< 16.0.19127.20338
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
8.0HIGH
 CVE-2025-59237
< 16.0.19127.20262
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
8.8HIGH
 CVE-2025-59235
all versions
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
7.1HIGH
 CVE-2025-59232
all versions
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
7.1HIGH
 CVE-2025-59228
< 16.0.19127.20262
Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
8.8HIGH
 CVE-2025-59222
all versions
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
7.8HIGH
 CVE-2025-59221
all versions
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
7.0HIGH
 CVE-2025-54906
all versions
Free of memory not on the heap in Microsoft Office allows an unauthorized attacker to execute code locally.
7.8HIGH
 CVE-2025-54905
all versions
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
7.1HIGH
 CVE-2025-54897
< 16.0.19127.20100
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
8.8HIGH
 CVE-2025-53760
< 16.0.18526.20518
Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a netwo
7.1HIGH
 CVE-2025-53736
all versions
Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
6.8MEDIUM
 CVE-2025-53733
all versions
Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally.
8.4HIGH
 CVE-2025-49712
all versions
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
8.8HIGH
 CVE-2025-53771
< 16.0.18526.20508
Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.
6.5MEDIUM
 CVE-2025-53770
< 16.0.18526.20508
Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over
9.8CRITICAL
 CVE-2025-49706
< 16.0.18526.20424
Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.
6.5MEDIUM
 CVE-2025-49704
all versions
Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute
8.8HIGH
 CVE-2025-49703
all versions
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
7.8HIGH
 CVE-2025-49701
< 16.0.18526.20424
Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
8.8HIGH
 CVE-2025-47172
<= 16.0.18526.20396
Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Office SharePoint allows an auth
8.8HIGH
 CVE-2025-47169
all versions
Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.
7.8HIGH
 CVE-2025-47168
all versions
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
7.8HIGH
 CVE-2025-47166
< 16.0.18526.20396
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
8.8HIGH
 CVE-2025-47163
< 16.0.18526.20396
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
8.8HIGH
 CVE-2025-30384
< 16.0.18526.20286
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.
7.4HIGH
 CVE-2025-30382
< 16.0.18526.20286
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.
7.8HIGH
 CVE-2025-30378
< 16.0.18526.20286
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.
7.0HIGH
 CVE-2025-29976
< 16.0.18526.20286
Improper privilege management in Microsoft Office SharePoint allows an authorized attacker to elevate privileges locally.
7.8HIGH
 CVE-2025-29794
< 16.0.18526.20172
Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
8.8HIGH
 CVE-2025-29793
< 16.0.18526.20172
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
7.2HIGH
 CVE-2025-27747
all versions
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
7.8HIGH
 CVE-2025-27746
< 16.0.10417.20003
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
7.8HIGH
 CVE-2025-26642
all versions
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
7.8HIGH
 CVE-2025-21400
< 16.0.17928.20396
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.0HIGH
 CVE-2025-21393
< 16.0.17928.20356
Microsoft SharePoint Server Spoofing Vulnerability
6.3MEDIUM
 CVE-2025-21348
< 16.0.17928.20356
Microsoft SharePoint Server Remote Code Execution Vulnerability
7.2HIGH
 CVE-2025-21344
< 16.0.17928.20356
Microsoft SharePoint Server Remote Code Execution Vulnerability
7.8HIGH
 CVE-2024-49070
all versions
Microsoft SharePoint Remote Code Execution Vulnerability
7.4HIGH
 CVE-2024-49068
all versions
Microsoft SharePoint Elevation of Privilege Vulnerability
8.2HIGH
 CVE-2024-49065
all versions
Microsoft Office Remote Code Execution Vulnerability
5.5MEDIUM
 CVE-2024-49064
all versions
Microsoft SharePoint Information Disclosure Vulnerability
6.5MEDIUM
 CVE-2024-49062
all versions
Microsoft SharePoint Information Disclosure Vulnerability
6.5MEDIUM
 CVE-2024-43503
all versions
Microsoft SharePoint Elevation of Privilege Vulnerability
7.8HIGH
 CVE-2024-43466
all versions
Microsoft SharePoint Server Denial of Service Vulnerability
6.5MEDIUM
 CVE-2024-43464
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
7.2HIGH
 CVE-2024-38228
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
7.2HIGH
 CVE-2024-38227
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
7.2HIGH
 CVE-2024-38018
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.8HIGH
 CVE-2024-38094
all versions
Microsoft SharePoint Remote Code Execution Vulnerability
7.2HIGH
 CVE-2024-38024
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
7.2HIGH
 CVE-2024-38023
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
7.2HIGH
 CVE-2024-32987
all versions
Microsoft SharePoint Server Information Disclosure Vulnerability
7.5HIGH
 CVE-2024-30100
< 16.0.17328.20362
Microsoft SharePoint Server Remote Code Execution Vulnerability
7.8HIGH
 CVE-2024-30044
< 16.0.17328.20292
Microsoft SharePoint Server Remote Code Execution Vulnerability
7.2HIGH
 CVE-2024-30043
< 16.0.17328.20292
Microsoft SharePoint Server Information Disclosure Vulnerability
6.5MEDIUM
 CVE-2024-26251
< 16.0.17328.20246
Microsoft SharePoint Server Spoofing Vulnerability
6.8MEDIUM
 CVE-2024-21426
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
7.8HIGH
 CVE-2024-21318
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.8HIGH
 CVE-2023-38177
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
6.1MEDIUM
 CVE-2023-36764
all versions
Microsoft SharePoint Server Elevation of Privilege Vulnerability
8.8HIGH
 CVE-2023-36762
all versions
Microsoft Word Remote Code Execution Vulnerability
7.3HIGH
 CVE-2023-36894
all versions
Microsoft SharePoint Server Information Disclosure Vulnerability
6.5MEDIUM
 CVE-2023-36892
all versions
Microsoft SharePoint Server Spoofing Vulnerability
8.0HIGH
 CVE-2023-36891
all versions
Microsoft SharePoint Server Spoofing Vulnerability
8.0HIGH
 CVE-2023-36890
all versions
Microsoft SharePoint Server Information Disclosure Vulnerability
6.5MEDIUM
 CVE-2023-33165
all versions
Microsoft SharePoint Server Security Feature Bypass Vulnerability
4.3MEDIUM
 CVE-2023-33160
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.8HIGH
 CVE-2023-33159
all versions
Microsoft SharePoint Server Spoofing Vulnerability
8.8HIGH
 CVE-2023-33157
all versions
Microsoft SharePoint Remote Code Execution Vulnerability
8.8HIGH
 CVE-2023-33134
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.8HIGH
 CVE-2023-33142
all versions
Microsoft SharePoint Server Elevation of Privilege Vulnerability
6.5MEDIUM
 CVE-2023-33132
all versions
Microsoft SharePoint Server Spoofing Vulnerability
6.3MEDIUM
 CVE-2023-33130
all versions
Microsoft SharePoint Server Spoofing Vulnerability
7.3HIGH
 CVE-2023-33129
all versions
Microsoft SharePoint Server Denial of Service Vulnerability
6.5MEDIUM
 CVE-2023-29357
all versions
Microsoft SharePoint Server Elevation of Privilege Vulnerability
9.8CRITICAL
 CVE-2023-24955
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
7.2HIGH
 CVE-2023-24954
all versions
Microsoft SharePoint Server Information Disclosure Vulnerability
6.5MEDIUM
 CVE-2023-24950
all versions
Microsoft SharePoint Server Spoofing Vulnerability
6.5MEDIUM
 CVE-2023-28288
all versions
Microsoft SharePoint Server Spoofing Vulnerability
8.1HIGH
 CVE-2023-23395
all versions
Microsoft SharePoint Server Spoofing Vulnerability
3.1LOW
 CVE-2023-21717
all versions
Microsoft SharePoint Server Elevation of Privilege Vulnerability
8.8HIGH
 CVE-2023-21716
all versions
Microsoft Word Remote Code Execution Vulnerability
9.8CRITICAL
 CVE-2023-21744
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.8HIGH
 CVE-2023-21743
all versions
Microsoft SharePoint Server Security Feature Bypass Vulnerability
5.3MEDIUM
 CVE-2023-21742
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.8HIGH
 CVE-2022-44693
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.8HIGH
 CVE-2022-44690
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.8HIGH
 CVE-2022-41122
all versions
Microsoft SharePoint Server Spoofing Vulnerability
6.5MEDIUM
 CVE-2022-41103
all versions
Microsoft Word Information Disclosure Vulnerability
5.5MEDIUM
 CVE-2022-41062
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.8HIGH
 CVE-2022-41061
all versions
Microsoft Word Remote Code Execution Vulnerability
7.8HIGH
 CVE-2022-41060
all versions
Microsoft Word Information Disclosure Vulnerability
5.5MEDIUM
 CVE-2022-41038
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.8HIGH
 CVE-2022-41037
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.8HIGH
 CVE-2022-41036
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.8HIGH
 CVE-2022-38053
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.8HIGH
 CVE-2022-38009
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.8HIGH
 CVE-2022-38008
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.8HIGH
 CVE-2022-37961
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.8HIGH
 CVE-2022-35823
all versions
Microsoft SharePoint Remote Code Execution Vulnerability
8.8HIGH
 CVE-2022-30172
all versions
Microsoft Office Information Disclosure Vulnerability
5.5MEDIUM
 CVE-2022-30171
all versions
Microsoft Office Information Disclosure Vulnerability
5.5MEDIUM
 CVE-2022-30159
all versions
Microsoft Office Information Disclosure Vulnerability
5.5MEDIUM
 CVE-2022-30158
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.8HIGH
 CVE-2022-30157
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.8HIGH
 CVE-2022-29108
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.8HIGH
 CVE-2022-24472
all versions
Microsoft SharePoint Server Spoofing Vulnerability
8.0HIGH
 CVE-2022-22716
all versions
Microsoft Excel Information Disclosure Vulnerability
5.5MEDIUM
 CVE-2022-22005
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.8HIGH
 CVE-2022-21987
all versions
Microsoft SharePoint Server Spoofing Vulnerability
8.0HIGH
 CVE-2022-21968
all versions
Microsoft SharePoint Server Security Feature Bypass Vulnerability
4.3MEDIUM
 CVE-2022-21840
all versions
Microsoft Office Remote Code Execution Vulnerability
8.8HIGH
 CVE-2022-21837
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.3HIGH
 CVE-2021-43876
all versions
Microsoft SharePoint Elevation of Privilege Vulnerability
8.8HIGH
 CVE-2021-43242
all versions
Microsoft SharePoint Server Spoofing Vulnerability
7.6HIGH
 CVE-2021-42320
all versions
Microsoft SharePoint Server Spoofing Vulnerability
8.0HIGH
 CVE-2021-42309
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.8HIGH
 CVE-2021-42294
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
7.2HIGH
 CVE-2021-41344
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.1HIGH
 CVE-2021-40487
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.1HIGH
 CVE-2021-40486
all versions
Microsoft Word Remote Code Execution Vulnerability
7.8HIGH
 CVE-2021-40484
all versions
Microsoft SharePoint Server Spoofing Vulnerability
7.6HIGH
 CVE-2021-40483
all versions
Microsoft SharePoint Server Spoofing Vulnerability
7.6HIGH
 CVE-2021-40482
all versions
Microsoft SharePoint Server Information Disclosure Vulnerability
5.3MEDIUM
 CVE-2021-38651
all versions
Microsoft SharePoint Server Spoofing Vulnerability
7.6HIGH
 CVE-2021-36940
all versions
Microsoft SharePoint Server Spoofing Vulnerability
7.6HIGH
 CVE-2021-34467
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
7.1HIGH
 CVE-2021-34520
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.1HIGH
 CVE-2021-34519
all versions
Microsoft SharePoint Server Information Disclosure Vulnerability
5.3MEDIUM
 CVE-2021-34517
all versions
Microsoft SharePoint Server Spoofing Vulnerability
5.3MEDIUM
 CVE-2021-34468
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
7.1HIGH
 CVE-2021-31966
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
7.2HIGH
 CVE-2021-31965
all versions
Microsoft SharePoint Server Information Disclosure Vulnerability
5.7MEDIUM
 CVE-2021-31964
all versions
Microsoft SharePoint Server Spoofing Vulnerability
7.6HIGH
 CVE-2021-31963
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
7.1HIGH
 CVE-2021-31950
all versions
Microsoft SharePoint Server Spoofing Vulnerability
7.6HIGH
 CVE-2021-31948
all versions
Microsoft SharePoint Server Spoofing Vulnerability
7.6HIGH
 CVE-2021-26420
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
7.1HIGH
 CVE-2021-31181
all versions
Microsoft SharePoint Remote Code Execution Vulnerability
8.8HIGH
 CVE-2021-31173
all versions
Microsoft SharePoint Server Information Disclosure Vulnerability
5.3MEDIUM
 CVE-2021-31172
all versions
Microsoft SharePoint Server Spoofing Vulnerability
7.1HIGH
 CVE-2021-31171
all versions
Microsoft SharePoint Information Disclosure Vulnerability
4.1MEDIUM
 CVE-2021-28478
all versions
Microsoft SharePoint Server Spoofing Vulnerability
7.6HIGH
 CVE-2021-28474
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.8HIGH
 CVE-2021-26418
all versions
Microsoft SharePoint Server Spoofing Vulnerability
4.6MEDIUM
 CVE-2021-28453
all versions
Microsoft Word Remote Code Execution Vulnerability
7.8HIGH
 CVE-2021-28450
all versions
Microsoft SharePoint Denial of Service Vulnerability
5.0MEDIUM
 CVE-2021-27076
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.8HIGH
 CVE-2021-27052
all versions
Microsoft SharePoint Server Information Disclosure Vulnerability
5.3MEDIUM
 CVE-2021-24104
all versions
Microsoft SharePoint Server Spoofing Vulnerability
4.6MEDIUM
 CVE-2021-24072
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.8HIGH
 CVE-2021-24071
all versions
Microsoft SharePoint Information Disclosure Vulnerability
5.3MEDIUM
 CVE-2021-24066
all versions
Microsoft SharePoint Remote Code Execution Vulnerability
8.8HIGH
 CVE-2021-1726
all versions
Microsoft SharePoint Server Spoofing Vulnerability
8.0HIGH
 CVE-2021-1719
all versions
Microsoft SharePoint Elevation of Privilege Vulnerability
8.0HIGH
 CVE-2021-1717
all versions
Microsoft SharePoint Server Spoofing Vulnerability
4.6MEDIUM
 CVE-2021-1716
all versions
Microsoft Word Remote Code Execution Vulnerability
7.8HIGH
 CVE-2021-1715
all versions
Microsoft Word Remote Code Execution Vulnerability
7.8HIGH
 CVE-2021-1712
all versions
Microsoft SharePoint Elevation of Privilege Vulnerability
8.0HIGH
 CVE-2021-1707
all versions
Microsoft SharePoint Server Remote Code Execution Vulnerability
8.8HIGH
 CVE-2021-1641
all versions
Microsoft SharePoint Server Spoofing Vulnerability
4.6MEDIUM
 CVE-2020-17122
all versions
Microsoft Excel Remote Code Execution Vulnerability
7.8HIGH
 CVE-2020-17121
all versions
Microsoft SharePoint Remote Code Execution Vulnerability
8.8HIGH
 CVE-2020-17120
all versions
Microsoft SharePoint Information Disclosure Vulnerability
5.3MEDIUM
 CVE-2020-17118
all versions
Microsoft SharePoint Remote Code Execution Vulnerability
8.1HIGH
 CVE-2020-17115
all versions
Microsoft SharePoint Server Spoofing Vulnerability
8.0HIGH
 CVE-2020-17089
all versions
Microsoft SharePoint Elevation of Privilege Vulnerability
7.1HIGH
 CVE-2020-17061
all versions
Microsoft SharePoint Remote Code Execution Vulnerability
8.8HIGH
 CVE-2020-17060
all versions
Microsoft SharePoint Server Spoofing Vulnerability
5.4MEDIUM
 CVE-2020-17017
all versions
Microsoft SharePoint Information Disclosure Vulnerability
5.3MEDIUM
 CVE-2020-17016
all versions
Microsoft SharePoint Server Spoofing Vulnerability
8.0HIGH
 CVE-2020-17015
all versions
Microsoft SharePoint Server Spoofing Vulnerability
4.3MEDIUM
 CVE-2020-16979
all versions
Microsoft SharePoint Information Disclosure Vulnerability
5.3MEDIUM
 CVE-2020-16953
all versions
<p>An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An
6.5MEDIUM
 CVE-2020-16952
all versions
<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an a
8.6HIGH
 CVE-2020-16951
all versions
<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an a
8.6HIGH
 CVE-2020-16950
all versions
<p>An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An
5.0MEDIUM
 CVE-2020-16948
all versions
<p>An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An
6.5MEDIUM
 CVE-2020-16946
all versions
<p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially craft
8.7HIGH
 CVE-2020-16945
all versions
<p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially craft
8.7HIGH
 CVE-2020-16944
all versions
<p>This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected Share
8.7HIGH
 CVE-2020-16942
all versions
<p>An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when
4.1MEDIUM
 CVE-2020-16941
all versions
<p>An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when
4.1MEDIUM
 CVE-2020-16929
all versions
<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in
7.8HIGH
 CVE-2020-1595
all versions
<p>A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data inpu
9.9CRITICAL
 CVE-2020-1576
all versions
<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an a
8.5HIGH
 CVE-2020-1523
all versions
<p>A tampering vulnerability exists when Microsoft SharePoint Server fails to properly handle profile data. An attacker who succes
8.9HIGH
 CVE-2020-1514
all versions
<p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially craft
5.4MEDIUM
 CVE-2020-1482
all versions
<p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially craft
6.3MEDIUM
 CVE-2020-1460
all versions
<p>A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsaf
8.6HIGH
 CVE-2020-1453
all versions
<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an a
8.6HIGH
 CVE-2020-1452
all versions
<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an a
8.6HIGH
 CVE-2020-1440
all versions
<p>A tampering vulnerability exists when Microsoft SharePoint Server fails to properly handle profile data. An attacker who succes
6.3MEDIUM
 CVE-2020-1345
all versions
<p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially craft
7.4HIGH
 CVE-2020-1338
all versions
<p>A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An
7.8HIGH
 CVE-2020-1335
all versions
<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in
7.8HIGH
 CVE-2020-1227
all versions
<p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially craft
5.4MEDIUM
 CVE-2020-1218
all versions
<p>A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An
7.8HIGH
 CVE-2020-1210
all versions
<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an a
9.9CRITICAL
 CVE-2020-1205
all versions
<p>A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to
4.6MEDIUM
 CVE-2020-1200
all versions
<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an a
8.6HIGH
 CVE-2020-1198
all versions
<p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially craft
7.4HIGH
 CVE-2020-1583
all versions
An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker wh
8.8HIGH
 CVE-2020-1580
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2020-1573
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.5MEDIUM
 CVE-2020-1505
all versions
An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An att
5.5MEDIUM
 CVE-2020-1503
all versions
An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker wh
5.5MEDIUM
 CVE-2020-1502
all versions
An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker wh
5.5MEDIUM
 CVE-2020-1501
all versions
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an
5.4MEDIUM
 CVE-2020-1500
all versions
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an
5.4MEDIUM
 CVE-2020-1499
all versions
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an
5.4MEDIUM
 CVE-2020-1495
all versions
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in mem
8.8HIGH
 CVE-2020-1456
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2020-1454
all versions
This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoi
5.4MEDIUM
 CVE-2020-1451
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2020-1450
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2020-1448
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'M
8.8HIGH
 CVE-2020-1447
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'M
8.8HIGH
 CVE-2020-1446
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'M
8.8HIGH
 CVE-2020-1444
all versions
A remote code execution vulnerability exists in the way Microsoft SharePoint software parses specially crafted email messages, aka
4.3MEDIUM
 CVE-2020-1443
all versions
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an
5.4MEDIUM
 CVE-2020-1439
all versions
A remote code execution vulnerability exists in PerformancePoint Services for SharePoint Server when the software fails to check t
8.8HIGH
 CVE-2020-1342
all versions
An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized va
5.5MEDIUM
 CVE-2020-1147
all versions
A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to
7.8HIGH
 CVE-2020-1025
all versions
An elevation of privilege vulnerability exists when Microsoft SharePoint Server and Skype for Business Server improperly handle OA
9.8CRITICAL
 CVE-2020-1323
all versions
An open redirect vulnerability exists in Microsoft SharePoint that could lead to spoofing.To exploit the vulnerability, an attacke
6.1MEDIUM
 CVE-2020-1320
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2020-1318
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2020-1298
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2020-1297
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2020-1295
all versions
An elevation of privilege vulnerability exists in Microsoft SharePoint, aka 'Microsoft SharePoint Elevation of Privilege Vulnerabi
8.8HIGH
 CVE-2020-1183
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2020-1181
all versions
A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe A
8.8HIGH
 CVE-2020-1178
all versions
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted aut
8.8HIGH
 CVE-2020-1177
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2020-1148
all versions
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an
5.4MEDIUM
 CVE-2020-1107
all versions
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an
5.4MEDIUM
 CVE-2020-1106
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
6.1MEDIUM
 CVE-2020-1105
all versions
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an
5.4MEDIUM
 CVE-2020-1104
all versions
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an
5.4MEDIUM
 CVE-2020-1103
all versions
An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulne
6.5MEDIUM
 CVE-2020-1102
all versions
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an appl
8.8HIGH
 CVE-2020-1101
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2020-1100
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2020-1099
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2020-1069
all versions
A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe A
8.8HIGH
 CVE-2020-1024
all versions
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an appl
8.8HIGH
 CVE-2020-1023
all versions
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an appl
8.8HIGH
 CVE-2020-0980
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'M
7.8HIGH
 CVE-2020-0978
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2020-0977
all versions
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an
5.4MEDIUM
 CVE-2020-0975
all versions
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an
5.4MEDIUM
 CVE-2020-0974
all versions
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an appl
8.8HIGH
 CVE-2020-0973
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2020-0972
all versions
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an
5.4MEDIUM
 CVE-2020-0971
all versions
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an appl
8.8HIGH
 CVE-2020-0954
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2020-0933
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2020-0932
all versions
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an appl
8.8HIGH
 CVE-2020-0931
all versions
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an appl
8.8HIGH
 CVE-2020-0930
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2020-0929
all versions
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an appl
8.8HIGH
 CVE-2020-0927
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2020-0926
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2020-0925
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2020-0924
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2020-0923
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2020-0920
all versions
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an appl
8.8HIGH
 CVE-2020-0894
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2020-0893
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2020-0892
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'M
7.8HIGH
 CVE-2020-0891
all versions
This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoi
5.4MEDIUM
 CVE-2020-0852
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'M
7.8HIGH
 CVE-2020-0850
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'M
8.8HIGH
 CVE-2019-1443
all versions
An information disclosure vulnerability exists in Microsoft SharePoint when an attacker uploads a specially crafted file to the Sh
6.5MEDIUM
 CVE-2019-1442
all versions
A security feature bypass vulnerability exists when Microsoft Office does not validate URLs.An attacker could send a victim a spec
5.5MEDIUM
 CVE-2019-1296
all versions
A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input,
8.8HIGH
 CVE-2019-1295
all versions
A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input,
8.8HIGH
 CVE-2019-1261
all versions
A spoofing vulnerability exists in Microsoft SharePoint when it improperly handles requests to authorize applications, resulting i
8.8HIGH
 CVE-2019-1260
all versions
An elevation of privilege vulnerability exists in Microsoft SharePoint, aka 'Microsoft SharePoint Elevation of Privilege Vulnerabi
6.5MEDIUM
 CVE-2019-1257
all versions
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an appl
8.8HIGH
 CVE-2019-1205
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An att
9.8CRITICAL
 CVE-2019-1203
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2019-1202
all versions
An information disclosure vulnerability exists in the way Microsoft SharePoint handles session objects. An authenticated attacker
4.4MEDIUM
 CVE-2019-1201
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An att
7.8HIGH
 CVE-2019-1134
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2019-1006
all versions
An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), all
7.5HIGH
 CVE-2019-1036
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2019-1035
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An att
7.8HIGH
 CVE-2019-1034
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An att
7.8HIGH
 CVE-2019-1033
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2019-1032
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2019-1031
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2019-0958
all versions
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web
8.8HIGH
 CVE-2019-0957
all versions
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web
8.8HIGH
 CVE-2019-0950
all versions
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an
5.7MEDIUM
 CVE-2019-0949
all versions
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an
5.7MEDIUM
 CVE-2019-0831
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2019-0830
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2019-0604
all versions
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an appl
9.8CRITICAL
 CVE-2019-0594
all versions
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an appl
8.8HIGH
 CVE-2019-0585
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "M
8.8HIGH
 CVE-2019-0562
all versions
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web
5.4MEDIUM
 CVE-2019-0561
all versions
An information disclosure vulnerability exists when Microsoft Word macro buttons are used improperly, aka "Microsoft Word Informat
5.5MEDIUM
 CVE-2019-0558
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2019-0557
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2019-0556
all versions
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted
5.4MEDIUM
 CVE-2018-8635
all versions
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted aut
8.8HIGH
 CVE-2018-8628
all versions
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects i
7.8HIGH
 CVE-2018-8627
all versions
An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized var
5.5MEDIUM
 CVE-2018-8580
all versions
An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulne
4.3MEDIUM
 CVE-2018-8572
all versions
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web
5.4MEDIUM
 CVE-2018-8568
all versions
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web
5.4MEDIUM
 CVE-2018-8539
all versions
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "M
7.8HIGH
 CVE-2018-8504
all versions
A remote code execution vulnerability exists in Microsoft Word software when the software fails to properly handle objects in Prot
8.8HIGH
 CVE-2018-8431
all versions
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web
5.4MEDIUM
 CVE-2018-8378
all versions
An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized va
5.5MEDIUM
 CVE-2018-8284
all versions
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framewo
8.1HIGH
 CVE-2018-8254
all versions
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web
5.4MEDIUM
 CVE-2018-8252
all versions
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web
5.4MEDIUM
 CVE-2018-8168
all versions
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web
5.4MEDIUM
 CVE-2018-8161
all versions
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in me
7.8HIGH
 CVE-2018-8160
all versions
An information disclosure vulnerability exists in Outlook when a message is opened, aka "Microsoft Outlook Information Disclosure
6.5MEDIUM
 CVE-2018-8156
all versions
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web
5.4MEDIUM
 CVE-2018-8155
all versions
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web
5.4MEDIUM
 CVE-2018-8149
all versions
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web
5.4MEDIUM
 CVE-2018-0922
all versions
Microsoft Office 2010 SP2, 2013 SP1, and 2016, Microsoft Office 2016 Click-to-Run Microsoft Office 2016 for Mac, Microsoft Office
7.8HIGH
 CVE-2018-0919
all versions
Microsoft Office 2010 SP2, 2013 SP1, and 2016, Microsoft Office 2016 Click-to-Run Microsoft Office 2016 for Mac, Microsoft Office
3.3LOW
 CVE-2018-0864
all versions
SharePoint Project Server 2013 and SharePoint Enterprise Server 2016 allow an information disclosure vulnerability due to how web
5.4MEDIUM
 CVE-2018-0797
all versions
Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way
7.8HIGH
 CVE-2018-0792
all versions
Microsoft Word 2016 in Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in me
8.8HIGH
 CVE-2018-0789
all versions
Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 and Microsoft SharePoint Server 2016 allow an elevation of
8.8HIGH
 CVE-2017-11826
all versions
Microsoft Office 2010, SharePoint Enterprise Server 2010, SharePoint Server 2010, Web Applications, Office Web Apps Server 2010 an
7.8HIGH
 CVE-2017-8743
all versions
A remote code execution vulnerability exists in Microsoft PowerPoint 2016, Microsoft SharePoint Enterprise Server 2016, and Office
7.8HIGH
 CVE-2017-8742
all versions
A remote code execution vulnerability exists in Microsoft PowerPoint 2007 Service Pack 3, Microsoft PowerPoint 2010 Service Pack 2
7.8HIGH
 CVE-2017-8629
all versions
Microsoft SharePoint Server 2013 Service Pack 1 allows an elevation of privilege vulnerability when it fails to properly sanitize
5.4MEDIUM
 CVE-2017-8654
all versions
Microsoft SharePoint Server 2010 Service Pack 2 allows a cross-site scripting (XSS) vulnerability when it does not properly saniti
5.4MEDIUM
 CVE-2017-8569
all versions
Microsoft SharePoint Server allows an elevation of privilege vulnerability due to the way that it sanitizes a specially crafted we
8.8HIGH
 CVE-2017-8501
all versions
Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Off
7.8HIGH
 CVE-2017-8513
all versions
A remote code execution vulnerability exists in Microsoft PowerPoint when the software fails to properly handle objects in memory,
7.8HIGH
 CVE-2017-8511
all versions
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka
7.8HIGH
 CVE-2017-8509
all versions
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka
8.8HIGH
 CVE-2017-0281
all versions
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2016, Office Online Server 2016, Office Web Apps 2010 SP2,Offi
7.8HIGH
 CVE-2017-0254
all versions
Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Office for Mac 2011, Office for Mac 2016, Micr
7.8HIGH
 CVE-2017-0195
all versions
Microsoft Excel Services on Microsoft SharePoint Server 2010 SP1 and SP2, Microsoft Excel Web Apps 2010 SP2, Microsoft Office Web
5.4MEDIUM
 CVE-2017-0105
all versions
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Service
5.5MEDIUM
 CVE-2017-0052
all versions
Microsoft Office Compatibility Pack SP3, Excel 2007 SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 allow remo
7.8HIGH
 CVE-2017-0030
all versions
Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Office Web Apps Server 2010 SP2, Word 2007 SP3, Word 2010 SP2, and Word
7.8HIGH
 CVE-2017-0027
all versions
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Services on Shar
4.7MEDIUM
 CVE-2017-0006
all versions
Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 allow remo
7.8HIGH
 CVE-2016-7291
all versions
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word for Mac 2011, Word Automation Service
7.1HIGH
 CVE-2016-7290
all versions
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word for Mac 2011, Word Automation Service
7.1HIGH
 CVE-2016-7268
all versions
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word Viewer, Word for Mac 2011, Word Autom
7.1HIGH
 CVE-2016-7265
all versions
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel View
7.1HIGH
 CVE-2016-7236
all versions
Microsoft Excel 2010 SP2, Excel for Mac 2011, Excel 2016 for Mac, and Excel Services on SharePoint Server 2010 SP2 allow remote at
7.8HIGH
 CVE-2016-7234
all versions
Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Excel for Mac 2011, Word
7.8HIGH
 CVE-2016-7233
all versions
Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Excel for Mac 2011, Word Viewer, Office Compatibility Pack
6.5MEDIUM
 CVE-2016-3282
all versions
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016
7.8HIGH
 CVE-2016-3281
all versions
Microsoft Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Word A
7.8HIGH
 CVE-2016-3279
all versions
Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1,
5.5MEDIUM
 CVE-2016-3234
all versions
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on S
5.5MEDIUM
 CVE-2016-0025
all versions
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office 2016, Word 2016, Word for Mac 201
7.3HIGH
 CVE-2016-0183
all versions
The Windows font library in Microsoft Office 2010 SP2, Word 2010 SP2, Word Automation Services on SharePoint Server 2010 SP2, and
8.8HIGH
 CVE-2016-0140
all versions
Microsoft Office 2007 SP3, Office 2010 SP2, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 a
7.8HIGH
 CVE-2016-0127
all versions
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office Compatibility Pack SP3, Word View
7.8HIGH
 CVE-2016-0134
all versions
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016
7.8HIGH
 CVE-2016-0054
all versions
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, O
7.8HIGH
 CVE-2016-0053
all versions
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Office Compatibility Pack SP3
7.8HIGH
 CVE-2016-0052
all versions
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016
7.8HIGH
 CVE-2016-0022
all versions
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016
7.8HIGH
 CVE-2016-0011
all versions
Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access
5.4MEDIUM
 CVE-2015-6117
all versions
Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access
6.1MEDIUM
 CVE-2015-6094
all versions
Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, and Excel Service
 CVE-2015-6093
all versions
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Word Automation Services on SharePoi
 CVE-2015-6038
all versions
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, O
 CVE-2015-6039
all versions
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allows remote
 CVE-2015-6037
all versions
Cross-site scripting (XSS) vulnerability in Microsoft Excel Services on SharePoint Server 2010 SP2 and 2013 SP1, Office Web Apps 2
 CVE-2015-2558
all versions
Use-after-free vulnerability in Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for
 CVE-2015-2556
all versions
The InfoPath Forms Services component in Microsoft SharePoint Server 2007 SP3 and 2010 SP2 misparses DTDs, which allows remote att
 CVE-2015-2555
all versions
Use-after-free vulnerability in Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel
 CVE-2015-2468
all versions
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office for Mac 2011, Office for Mac 2016
 CVE-2015-2375
all versions
Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel Viewer 2007 SP3, Excel Services on SharePoint Server 2010 SP2,
 CVE-2015-1700
all versions
Microsoft SharePoint Server 2007 SP3, SharePoint Foundation 2010 SP2, SharePoint Server 2010 SP2, and SharePoint Foundation 2013 S
 CVE-2015-1682
all versions
Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP
 CVE-2015-1653
all versions
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2013 SP1 and SharePoint Server 2013 SP1 allows remote
 CVE-2015-1650
all versions
Use-after-free vulnerability in Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word Vie
 CVE-2015-1649
all versions
Use-after-free vulnerability in Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word Viewer, Office Compatibility Pack SP
 CVE-2015-1641
all versions
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Office Compatibility
7.8HIGH
 CVE-2015-1636
all versions
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2013 Gold and SP1 and SharePoint Server 2013 Gold and
 CVE-2015-1633
all versions
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2010 SP2, SharePoint Server 2010 SP2, SharePoint Found
 CVE-2015-0086
all versions
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 Gold and SP1, Word 2013 RT Gold and SP1, Word Viewer, Office Co
 CVE-2015-0085
all versions
Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Ex
 CVE-2015-0064
all versions
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word Automation Services in SharePoint Server 2010, Web Applications 2010
 CVE-2014-6357
all versions
Use-after-free vulnerability in Microsoft Office 2010 SP2, Office 2013 Gold and SP1, Office 2013 RT Gold and SP1, Office for Mac 2
 CVE-2014-4117
all versions
Microsoft Office 2007 SP3, Word 2007 SP3, Office 2010 SP1 and SP2, Word 2010 SP1 and SP2, Office for Mac 2011, Office Compatibilit
 CVE-2014-2816
all versions
Microsoft SharePoint Server 2013 Gold and SP1 and SharePoint Foundation 2013 Gold and SP1 allow remote authenticated users to gain
 CVE-2014-1754
all versions
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2013 Gold and SP1, SharePoint Foundation 2013 Gold and SP1
 CVE-2014-0251
all versions
Microsoft Windows SharePoint Services 3.0 SP3; SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 Gold and SP1; SharePoint Fou
 CVE-2014-1761
all versions
Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Word Viewer; Office Compatibility Pack SP3; Office for Mac
7.8HIGH
 CVE-2014-0260
all versions
Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office Compatibility Pack SP3; Word Viewer; SharePoint Ser
 CVE-2013-5059
all versions
Microsoft SharePoint Server 2010 SP1 and SP2 and 2013, and Office Web Apps 2013, allows remote attackers to execute arbitrary code
 CVE-2013-3895
all versions
Microsoft SharePoint Server 2007 SP3 and 2010 SP1 and SP2 allows remote attackers to conduct clickjacking attacks via a crafted we
 CVE-2013-3889
all versions
Microsoft Excel 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Ma
 CVE-2013-3858
all versions
Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Wo
 CVE-2013-3857
all versions
Microsoft Word Automation Services in SharePoint Server 2010 SP1 and SP2, Word Web App 2010 SP1 and SP2 in Office Web Apps 2010, W
 CVE-2013-3849
all versions
Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Wo
 CVE-2013-3848
all versions
Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Wo
 CVE-2013-3847
all versions
Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Wo
 CVE-2013-3180
all versions
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1 and SP2 and 2013 allows remote attackers to injec
 CVE-2013-3179
all versions
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 allows remote attacke
 CVE-2013-1330
all versions
The default configuration of Microsoft SharePoint Portal Server 2003 SP3, SharePoint Server 2007 SP3 and 2010 SP1 and SP2, and Off
 CVE-2013-1315
all versions
Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2
 CVE-2013-0081
all versions
Microsoft SharePoint Portal Server 2003 SP3 and SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 do not properly process una
 CVE-2013-1290
all versions
Microsoft SharePoint Server 2013, in certain configurations involving legacy My Sites, does not properly establish default access
 CVE-2013-1289
all versions
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1, Groove Server 2010 SP1, SharePoint Foundation 20
 CVE-2013-0086
all versions
Microsoft OneNote 2010 SP1 does not properly determine buffer sizes during memory allocation, which allows remote attackers to obt
 CVE-2013-0085
all versions
Buffer overflow in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to cause a deni
 CVE-2013-0084
all versions
Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attacke
 CVE-2013-0083
all versions
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1 allows remote attackers to inject arbitrary web s
 CVE-2013-0080
all versions
Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allow remote attackers to bypass intended read restriction
 CVE-2013-0007
all versions
Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to ex
 CVE-2013-0006
all versions
Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to ex
8.8HIGH
 CVE-2012-2539
all versions
Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; and Office Web Apps 2
7.8HIGH
 CVE-2012-2520
all versions
Cross-site scripting (XSS) vulnerability in Microsoft InfoPath 2007 SP2 and SP3 and 2010 SP1, Communicator 2007 R2, Lync 2010 and
 CVE-2012-1863
all versions
Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoint Server 2007 SP2 and SP3 Windows SharePoint Services 3.0 SP
 CVE-2012-1862
all versions
Open redirect vulnerability in Microsoft Office SharePoint Server 2007 SP2 and SP3 allows remote attackers to redirect users to ar
 CVE-2012-1861
all versions
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 Gold and SP1, SharePoint Foundation 2010 Gold and SP1
 CVE-2012-1860
all versions
Microsoft Office SharePoint Server 2007 SP2 and SP3, SharePoint Server 2010 Gold and SP1, and Office Web Apps 2010 Gold and SP1 do
 CVE-2012-1859
all versions
Cross-site scripting (XSS) vulnerability in scriptresx.ashx in Microsoft SharePoint Server 2010 Gold and SP1, SharePoint Foundatio
 CVE-2012-0145
all versions
Cross-site scripting (XSS) vulnerability in wizardlist.aspx in Microsoft Office SharePoint Server 2010 Gold and SP1 and SharePoint
 CVE-2012-0144
all versions
Cross-site scripting (XSS) vulnerability in themeweb.aspx in Microsoft Office SharePoint Server 2010 Gold and SP1 and SharePoint F
 CVE-2011-1990
all versions
Microsoft Excel 2007 SP2; Excel in Office 2007 SP2; Excel Viewer SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 20
 CVE-2011-1989
all versions
Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel 2010 Gold and SP1; Excel in Office 2010 Gold and SP1; Offic
 CVE-2011-1893
all versions
Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoint Server 2010, Windows SharePoint Services 2.0 and 3.0 SP2,
 CVE-2011-1892
all versions
Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and SP1, Office Forms Server 2007 SP2, Office SharePoint Server 2
 CVE-2011-1890
all versions
Cross-site scripting (XSS) vulnerability in EditForm.aspx in Microsoft Office SharePoint Server 2010 and SharePoint Foundation 201
 CVE-2011-0653
all versions
Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoint Server 2010 Gold and SP1, and SharePoint Foundation 2010,
 CVE-2010-3964
all versions
Unrestricted file upload vulnerability in the Document Conversions Launcher Service in Microsoft Office SharePoint Server 2007 SP2
 CVE-2010-3243
all versions
Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function
4.3MEDIUM
 CVE-2010-3324
all versions
The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0
 CVE-2010-1257
all versions
Cross-site scripting (XSS) vulnerability in the toStaticHTML API, as used in Microsoft Office InfoPath 2003 SP3, 2007 SP1, and 200
 CVE-2010-0817
all versions
Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in Microsoft SharePoint Server 2007 12.0.0.6421 and possibly earlie
 CVE-2010-0716
<= 2007
_layouts/Upload.aspx in the Documents module in Microsoft SharePoint before 2010 uses URLs with the same hostname and port number
 CVE-2009-3830
all versions
The download functionality in Team Services in Microsoft Office SharePoint Server 2007 12.0.0.4518 and 12.0.0.6219 allows remote a
 CVE-2008-5026
all versions
Microsoft SharePoint uses URLs with the same hostname and port number for a web site's primary files and individual users' uploade
 CVE-2008-4019
all versions
Integer overflow in the REPT function in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel
 CVE-2008-3006
all versions
Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 Gold and SP3; Office
 CVE-2008-1888
all versions
Cross-site scripting (XSS) vulnerability in Microsoft Windows SharePoint Services 2.0 allows remote attackers to inject arbitrary
 CVE-2007-2581
all versions
Multiple cross-site scripting (XSS) vulnerabilities in Microsoft Windows SharePoint Services 3.0 for Windows Server 2003 and Offic
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin