Filtered by vendor Microsoft
Subscriptions
Filtered by product Sharepoint Server
Subscriptions
Total
424 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2012-2539 | 1 Microsoft | 5 Office Compatibility Pack, Office Web Apps, Office Word Viewer and 2 more | 2024-12-20 | 7.8 High |
Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; and Office Web Apps 2010 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, aka "Word RTF 'listoverridecount' Remote Code Execution Vulnerability." | ||||
CVE-2012-1889 | 1 Microsoft | 15 Expression Web, Groove, Groove Server and 12 more | 2024-12-19 | 8.8 High |
Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | ||||
CVE-2014-1761 | 1 Microsoft | 7 Office, Office Compatibility Pack, Office Web Apps and 4 more | 2024-12-19 | 7.8 High |
Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Word Viewer; Office Compatibility Pack SP3; Office for Mac 2011; Word Automation Services on SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Office Web Apps Server 2013 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, as exploited in the wild in March 2014. | ||||
CVE-2024-38094 | 1 Microsoft | 1 Sharepoint Server | 2024-12-10 | 7.2 High |
Microsoft SharePoint Remote Code Execution Vulnerability | ||||
CVE-2024-32987 | 1 Microsoft | 1 Sharepoint Server | 2024-12-10 | 7.5 High |
Microsoft SharePoint Server Information Disclosure Vulnerability | ||||
CVE-2024-38024 | 1 Microsoft | 1 Sharepoint Server | 2024-12-10 | 7.2 High |
Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
CVE-2024-38023 | 1 Microsoft | 1 Sharepoint Server | 2024-12-10 | 7.2 High |
Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
CVE-2024-43503 | 1 Microsoft | 1 Sharepoint Server | 2024-12-10 | 7.8 High |
Microsoft SharePoint Elevation of Privilege Vulnerability | ||||
CVE-2024-26251 | 1 Microsoft | 1 Sharepoint Server | 2024-12-05 | 6.8 Medium |
Microsoft SharePoint Server Spoofing Vulnerability | ||||
CVE-2024-21426 | 1 Microsoft | 1 Sharepoint Server | 2024-11-29 | 7.8 High |
Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
CVE-2024-33881 | 2 Microsoft, Virtosoftware | 2 Sharepoint Server, Sharepoint Bulk File Download | 2024-11-21 | 5.3 Medium |
An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method allows an NTLMv2 hash leak via a UNC share pathname in the path parameter. | ||||
CVE-2024-33880 | 2 Microsoft, Virtosoftware | 2 Sharepoint Server, Sharepoint Bulk File Download | 2024-11-21 | 5.3 Medium |
An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. It discloses full pathnames via Virto.SharePoint.FileDownloader/Api/Download.ashx?action=archive. | ||||
CVE-2024-33879 | 2 Microsoft, Virtosoftware | 2 Sharepoint Server, Sharepoint Bulk File Download | 2024-11-21 | 9.8 Critical |
An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method allows arbitrary file download and deletion via absolute path traversal in the path parameter. | ||||
CVE-2024-30100 | 1 Microsoft | 1 Sharepoint Server | 2024-11-21 | 7.8 High |
Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
CVE-2024-30044 | 1 Microsoft | 1 Sharepoint Server | 2024-11-21 | 7.2 High |
Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
CVE-2024-30043 | 1 Microsoft | 1 Sharepoint Server | 2024-11-21 | 6.5 Medium |
Microsoft SharePoint Server Information Disclosure Vulnerability | ||||
CVE-2024-21318 | 1 Microsoft | 1 Sharepoint Server | 2024-11-21 | 8.8 High |
Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
CVE-2023-38177 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Server | 2024-11-21 | 6.1 Medium |
Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
CVE-2023-36894 | 1 Microsoft | 1 Sharepoint Server | 2024-11-21 | 6.5 Medium |
Microsoft SharePoint Server Information Disclosure Vulnerability | ||||
CVE-2023-36892 | 1 Microsoft | 1 Sharepoint Server | 2024-11-21 | 8 High |
Microsoft SharePoint Server Spoofing Vulnerability |