Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Microsoft Subscribe
Filtered by product Sharepoint Server
Total 408 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-21840 1 Microsoft 6 Excel, Office, Office Online Server and 3 more 2024-11-14 6.8 MEDIUM 8.8 HIGH
Microsoft Office Remote Code Execution Vulnerability
CVE-2022-21837 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2024-11-14 9.0 HIGH 8.8 HIGH
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2024-38094 1 Microsoft 1 Sharepoint Server 2024-10-23 N/A 7.2 HIGH
Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2010-3243 1 Microsoft 8 Internet Explorer, Sharepoint Server, Sharepoint Services and 5 more 2024-10-17 4.3 MEDIUM 4.3 MEDIUM
Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2 and Office SharePoint Server 2007 SP2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "HTML Sanitization Vulnerability."
CVE-2024-43503 1 Microsoft 1 Sharepoint Server 2024-10-17 N/A 7.8 HIGH
Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2021-1719 1 Microsoft 2 Sharepoint Enterprise Server, Sharepoint Server 2024-10-08 6.0 MEDIUM 8.0 HIGH
Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2021-1717 1 Microsoft 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server 2024-10-08 5.8 MEDIUM 4.6 MEDIUM
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2021-1716 1 Microsoft 8 365 Apps, Office, Office Online Server and 5 more 2024-10-08 9.3 HIGH 7.8 HIGH
Microsoft Word Remote Code Execution Vulnerability
CVE-2021-1715 1 Microsoft 8 365 Apps, Office, Office Online Server and 5 more 2024-10-08 9.3 HIGH 7.8 HIGH
Microsoft Word Remote Code Execution Vulnerability
CVE-2021-1712 1 Microsoft 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server 2024-10-08 6.0 MEDIUM 8.0 HIGH
Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2021-1707 1 Microsoft 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server 2024-10-08 9.0 HIGH 8.8 HIGH
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2021-1641 1 Microsoft 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server 2024-10-08 5.8 MEDIUM 4.6 MEDIUM
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2024-38018 1 Microsoft 1 Sharepoint Server 2024-09-18 N/A 8.8 HIGH
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2024-38228 1 Microsoft 1 Sharepoint Server 2024-09-17 N/A 7.2 HIGH
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2024-38227 1 Microsoft 1 Sharepoint Server 2024-09-17 N/A 7.2 HIGH
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2024-33881 2 Microsoft, Virtosoftware 2 Sharepoint Server, Sharepoint Bulk File Download 2024-09-15 N/A 5.3 MEDIUM
An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method allows an NTLMv2 hash leak via a UNC share pathname in the path parameter.
CVE-2024-43464 1 Microsoft 1 Sharepoint Server 2024-09-13 N/A 7.2 HIGH
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2024-43466 1 Microsoft 1 Sharepoint Server 2024-09-13 N/A 7.5 HIGH
Microsoft SharePoint Server Denial of Service Vulnerability
CVE-2022-30159 1 Microsoft 3 Office Online Server, Office Web Apps Server, Sharepoint Server 2024-09-10 4.3 MEDIUM 5.5 MEDIUM
Microsoft Office Information Disclosure Vulnerability
CVE-2024-33879 2 Microsoft, Virtosoftware 2 Sharepoint Server, Sharepoint Bulk File Download 2024-08-01 N/A 9.8 CRITICAL
An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method allows arbitrary file download and deletion via absolute path traversal in the path parameter.