Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Sharepoint_server
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 403 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-06-15 | CVE-2022-30172 | Microsoft Office Information Disclosure Vulnerability | Office_online_server, Office_web_apps_server, Sharepoint_server | 5.5 | ||
| 2022-10-11 | CVE-2022-38053 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Sharepoint_enterprise_server, Sharepoint_foundation, Sharepoint_server | 8.8 | ||
| 2022-10-11 | CVE-2022-41036 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Sharepoint_foundation, Sharepoint_server | 8.8 | ||
| 2022-10-11 | CVE-2022-41037 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Sharepoint_foundation, Sharepoint_server | 8.8 | ||
| 2022-10-11 | CVE-2022-41038 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Sharepoint_foundation, Sharepoint_server | 8.8 | ||
| 2010-06-08 | CVE-2010-1257 | Cross-site scripting (XSS) vulnerability in the toStaticHTML API, as used in Microsoft Office InfoPath 2003 SP3, 2007 SP1, and 2007 SP2; Office SharePoint Server 2007 SP1 and SP2; SharePoint Services 3.0 SP1 and SP2; and Internet Explorer 8 allows remote attackers to inject arbitrary web script or HTML via vectors related to sanitization. | Internet_explorer, Office_infopath, Sharepoint_server, Sharepoint_services | N/A | ||
| 2013-01-09 | CVE-2013-0006 | Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer Truncation Vulnerability." | Expression_web, Groove_server, Office, Office_compatibility_pack, Sharepoint_server, Windows_7, Windows_8, Windows_rt, Windows_server_2003, Windows_server_2008, Windows_server_2012, Windows_vista, Windows_xp, Word_viewer, Xml_core_services | N/A | ||
| 2013-01-09 | CVE-2013-0007 | Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML XSLT Vulnerability." | Expression_web, Groove_server, Office, Office_compatibility_pack, Sharepoint_server, Windows_7, Windows_8, Windows_rt, Windows_server_2003, Windows_server_2008, Windows_server_2012, Windows_vista, Windows_xp, Word_viewer, Xml_core_services | N/A | ||
| 2013-09-11 | CVE-2013-1315 | Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." | Excel, Excel_viewer, Office, Office_compatibility_pack, Office_web_apps, Sharepoint_foundation, Sharepoint_portal_server, Sharepoint_server, Sharepoint_services | N/A | ||
| 2023-08-08 | CVE-2023-36894 | Microsoft SharePoint Server Information Disclosure Vulnerability | Sharepoint_server | 6.5 |