Sharepoint Server Microsoft Sharepoint Server

Do you want an email whenever new security vulnerabilities are reported in Microsoft Sharepoint Server?

Recent Microsoft Sharepoint Server Security Advisories

Advisory Title Published
CVE-2023-21742 Microsoft SharePoint Server Remote Code Execution Vulnerability January 10, 2023
CVE-2023-21743 Microsoft SharePoint Server Security Feature Bypass Vulnerability January 10, 2023
CVE-2023-21744 Microsoft SharePoint Server Remote Code Execution Vulnerability January 10, 2023
CVE-2022-44690 Microsoft SharePoint Server Remote Code Execution Vulnerability December 13, 2022
CVE-2022-44693 Microsoft SharePoint Server Remote Code Execution Vulnerability December 13, 2022
CVE-2022-41122 Microsoft SharePoint Server Spoofing Vulnerability November 8, 2022
CVE-2022-41062 Microsoft SharePoint Server Remote Code Execution Vulnerability November 8, 2022
CVE-2022-41038 Microsoft SharePoint Server Remote Code Execution Vulnerability October 11, 2022
CVE-2022-38053 Microsoft SharePoint Server Remote Code Execution Vulnerability October 11, 2022
CVE-2022-41037 Microsoft SharePoint Server Remote Code Execution Vulnerability October 11, 2022

@sharepoint Tweets

Save the date for the Microsoft Syntex AMA: New document processing pay-as-you-go metered services on Wednesday, Ma… https://t.co/TBxNuc4Su2
Thu Feb 02 21:05:02 +0000 2023

Now announcing the availability of form customization in #MicrosoftViva Sales! Learn more: https://t.co/NfE4xcj9hI
Thu Feb 02 20:20:00 +0000 2023

#TheIntrazone ��️ "#SharePoint roadmap pitstop: January 2023" @WilliamBaer [Snr. PMM @Microsoft], "Challenge was s… https://t.co/fRudX9Bb4K
Thu Feb 02 16:05:00 +0000 2023

Create a list across @Microsoft365 - new blog + demo video. Learn about all the entry points where you can start a… https://t.co/RPIzUdyBkV
Thu Feb 02 15:24:22 +0000 2023

�� Great #Microsoft365Dev demo by @mediocrebowler on using dynamic SVG images with #MSFTViva Adaptive Cards extensio… https://t.co/i6YT1RtgNb
Thu Feb 02 14:44:08 +0000 2023

By the Year

In 2023 there have been 3 vulnerabilities in Microsoft Sharepoint Server with an average score of 7.6 out of ten. Last year Sharepoint Server had 28 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Sharepoint Server in 2023 could surpass last years number. Last year, the average CVE base score was greater by 0.04

Year Vulnerabilities Average Score
2023 3 7.63
2022 28 7.68
2021 48 7.13
2020 113 6.71
2019 33 6.77
2018 25 6.46

It may take a day or so for new Sharepoint Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Sharepoint Server Security Vulnerabilities

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2023-21742 8.8 - High - January 10, 2023

Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2023-21744.

Microsoft SharePoint Server Security Feature Bypass Vulnerability.

CVE-2023-21743 5.3 - Medium - January 10, 2023

Microsoft SharePoint Server Security Feature Bypass Vulnerability.

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2023-21744 8.8 - High - January 10, 2023

Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2023-21742.

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-44690 8.8 - High - December 13, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-44693.

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-44693 8.8 - High - December 13, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-44690.

Microsoft Word Information Disclosure Vulnerability

CVE-2022-41060 5.5 - Medium - November 09, 2022

Microsoft Word Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-41103.

Microsoft Word Remote Code Execution Vulnerability.

CVE-2022-41061 7.8 - High - November 09, 2022

Microsoft Word Remote Code Execution Vulnerability.

Microsoft SharePoint Server Remote Code Execution Vulnerability.

CVE-2022-41062 8.8 - High - November 09, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability.

Microsoft Word Information Disclosure Vulnerability

CVE-2022-41103 5.5 - Medium - November 09, 2022

Microsoft Word Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-41060.

Microsoft SharePoint Server Spoofing Vulnerability.

CVE-2022-41122 6.5 - Medium - November 09, 2022

Microsoft SharePoint Server Spoofing Vulnerability.

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-38053 8.8 - High - October 11, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-41036, CVE-2022-41037, CVE-2022-41038.

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-41036 8.8 - High - October 11, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-38053, CVE-2022-41037, CVE-2022-41038.

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-41037 8.8 - High - October 11, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-38053, CVE-2022-41036, CVE-2022-41038.

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-41038 8.8 - High - October 11, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-38053, CVE-2022-41036, CVE-2022-41037.

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-38008 8.8 - High - September 13, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-37961, CVE-2022-38009.

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-38009 8.8 - High - September 13, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-37961, CVE-2022-38008.

Microsoft SharePoint Remote Code Execution Vulnerability.

CVE-2022-35823 8.8 - High - September 13, 2022

Microsoft SharePoint Remote Code Execution Vulnerability.

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-37961 8.8 - High - September 13, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-38008, CVE-2022-38009.

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-30157 8.8 - High - June 15, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30158.

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-30158 8.8 - High - June 15, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30157.

Microsoft Office Information Disclosure Vulnerability

CVE-2022-30159 5.5 - Medium - June 15, 2022

Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30171, CVE-2022-30172.

Microsoft Office Information Disclosure Vulnerability

CVE-2022-30171 5.5 - Medium - June 15, 2022

Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30159, CVE-2022-30172.

Microsoft Office Information Disclosure Vulnerability

CVE-2022-30172 5.5 - Medium - June 15, 2022

Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30159, CVE-2022-30171.

Microsoft SharePoint Server Remote Code Execution Vulnerability.

CVE-2022-29108 8.8 - High - May 10, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability.

Microsoft SharePoint Server Spoofing Vulnerability.

CVE-2022-24472 5.7 - Medium - April 15, 2022

Microsoft SharePoint Server Spoofing Vulnerability.

Microsoft Excel Information Disclosure Vulnerability.

CVE-2022-22716 5.5 - Medium - February 09, 2022

Microsoft Excel Information Disclosure Vulnerability.

Exposure of Resource to Wrong Sphere

Microsoft SharePoint Server Remote Code Execution Vulnerability.

CVE-2022-22005 8.8 - High - February 09, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability.

Marshaling, Unmarshaling

Microsoft SharePoint Server Security Feature BypassVulnerability.

CVE-2022-21968 4.3 - Medium - February 09, 2022

Microsoft SharePoint Server Security Feature BypassVulnerability.

authentification

Microsoft SharePoint Server Spoofing Vulnerability.

CVE-2022-21987 8 - High - February 09, 2022

Microsoft SharePoint Server Spoofing Vulnerability.

Microsoft Office Remote Code Execution Vulnerability.

CVE-2022-21840 8.8 - High - January 11, 2022

Microsoft Office Remote Code Execution Vulnerability.

Code Injection

Microsoft SharePoint Server Remote Code Execution Vulnerability.

CVE-2022-21837 8.8 - High - January 11, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability.

Code Injection

Microsoft SharePoint Elevation of Privilege Vulnerability.

CVE-2021-43876 8.8 - High - December 29, 2021

Microsoft SharePoint Elevation of Privilege Vulnerability.

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2021-43242 5.7 - Medium - December 15, 2021

Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-42320.

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2021-42320 5.7 - Medium - December 15, 2021

Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-43242.

Authentication Bypass by Spoofing

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2021-42294 7.2 - High - December 15, 2021

Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-42309.

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2021-42309 8.8 - High - December 15, 2021

Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-42294.

Code Injection

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2021-41344 8.8 - High - October 13, 2021

Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-40487.

Microsoft SharePoint Server Information Disclosure Vulnerability

CVE-2021-40482 7.5 - High - October 13, 2021

Microsoft SharePoint Server Information Disclosure Vulnerability

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2021-40483 3.5 - Low - October 13, 2021

Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-40484.

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2021-40484 3.5 - Low - October 13, 2021

Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-40483.

Microsoft Word Remote Code Execution Vulnerability

CVE-2021-40486 7.8 - High - October 13, 2021

Microsoft Word Remote Code Execution Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2021-40487 8.8 - High - October 13, 2021

Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-41344.

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2021-38651 3.5 - Low - September 15, 2021

Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-38652.

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2021-36940 4.3 - Medium - August 12, 2021

Microsoft SharePoint Server Spoofing Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2021-34467 8.8 - High - July 16, 2021

Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34468, CVE-2021-34520.

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2021-34517 5.3 - Medium - July 14, 2021

Microsoft SharePoint Server Spoofing Vulnerability

Microsoft SharePoint Server Information Disclosure Vulnerability

CVE-2021-34519 3.5 - Low - July 14, 2021

Microsoft SharePoint Server Information Disclosure Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2021-34520 8.8 - High - July 14, 2021

Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34467, CVE-2021-34468.

Marshaling, Unmarshaling

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2021-34468 8 - High - July 14, 2021

Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34467, CVE-2021-34520.

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2021-31948 8.1 - High - June 08, 2021

Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-31950, CVE-2021-31964.

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2021-31950 8.1 - High - June 08, 2021

Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-31948, CVE-2021-31964.

XSPA

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2021-31963 8.8 - High - June 08, 2021

Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26420, CVE-2021-31966.

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2021-31964 8.1 - High - June 08, 2021

Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-31948, CVE-2021-31950.

Microsoft SharePoint Server Information Disclosure Vulnerability

CVE-2021-31965 6.5 - Medium - June 08, 2021

Microsoft SharePoint Server Information Disclosure Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2021-31966 7.2 - High - June 08, 2021

Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26420, CVE-2021-31963.

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2021-26420 8.8 - High - June 08, 2021

Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31963, CVE-2021-31966.

Microsoft SharePoint Spoofing Vulnerability

CVE-2021-26418 7.1 - High - May 11, 2021

Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from CVE-2021-28478, CVE-2021-31172.

Microsoft SharePoint Spoofing Vulnerability

CVE-2021-28478 7.1 - High - May 11, 2021

Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from CVE-2021-26418, CVE-2021-31172.

Microsoft SharePoint Spoofing Vulnerability

CVE-2021-31172 7.1 - High - May 11, 2021

Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from CVE-2021-26418, CVE-2021-28478.

Microsoft SharePoint Server Information Disclosure Vulnerability

CVE-2021-31173 6.5 - Medium - May 11, 2021

Microsoft SharePoint Server Information Disclosure Vulnerability

Information Disclosure

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2021-28474 8.8 - High - May 11, 2021

Microsoft SharePoint Server Remote Code Execution Vulnerability

Interpretation Conflict

Microsoft SharePoint Information Disclosure Vulnerability

CVE-2021-31171 4.4 - Medium - May 11, 2021

Microsoft SharePoint Information Disclosure Vulnerability

Information Disclosure

Microsoft SharePoint Remote Code Execution Vulnerability

CVE-2021-31181 8.8 - High - May 11, 2021

Microsoft SharePoint Remote Code Execution Vulnerability

Microsoft SharePoint Denial of Service Update

CVE-2021-28450 6.5 - Medium - April 13, 2021

Microsoft SharePoint Denial of Service Update

Microsoft Word Remote Code Execution Vulnerability

CVE-2021-28453 7.8 - High - April 13, 2021

Microsoft Word Remote Code Execution Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2021-27076 8.8 - High - March 11, 2021

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Server Information Disclosure Vulnerability

CVE-2021-27052 6.5 - Medium - March 11, 2021

Microsoft SharePoint Server Information Disclosure Vulnerability

Microsoft SharePoint Spoofing Vulnerability

CVE-2021-24104 5.4 - Medium - March 11, 2021

Microsoft SharePoint Spoofing Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2021-24072 8.8 - High - February 25, 2021

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Information Disclosure Vulnerability

CVE-2021-24071 6.5 - Medium - February 25, 2021

Microsoft SharePoint Information Disclosure Vulnerability

Information Disclosure

Microsoft SharePoint Remote Code Execution Vulnerability

CVE-2021-24066 8.8 - High - February 25, 2021

Microsoft SharePoint Remote Code Execution Vulnerability

Marshaling, Unmarshaling

Microsoft SharePoint Spoofing Vulnerability

CVE-2021-1726 8 - High - February 25, 2021

Microsoft SharePoint Spoofing Vulnerability

Microsoft SharePoint Spoofing Vulnerability

CVE-2021-1641 5.4 - Medium - January 12, 2021

Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from CVE-2021-1717.

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2021-1707 8.8 - High - January 12, 2021

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Elevation of Privilege Vulnerability

CVE-2021-1712 8 - High - January 12, 2021

Microsoft SharePoint Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1719.

Improper Privilege Management

Microsoft Word Remote Code Execution Vulnerability

CVE-2021-1715 7.8 - High - January 12, 2021

Microsoft Word Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1716.

Memory Corruption

Microsoft Word Remote Code Execution Vulnerability

CVE-2021-1716 7.8 - High - January 12, 2021

Microsoft Word Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1715.

Microsoft SharePoint Spoofing Vulnerability

CVE-2021-1717 5.4 - Medium - January 12, 2021

Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from CVE-2021-1641.

Microsoft SharePoint Elevation of Privilege Vulnerability

CVE-2021-1719 8 - High - January 12, 2021

Microsoft SharePoint Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1712.

Improper Privilege Management

Microsoft Excel Remote Code Execution Vulnerability

CVE-2020-17122 7.8 - High - December 10, 2020

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17123, CVE-2020-17125, CVE-2020-17127, CVE-2020-17128, CVE-2020-17129.

Microsoft SharePoint Remote Code Execution Vulnerability

CVE-2020-17121 8.8 - High - December 10, 2020

Microsoft SharePoint Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17118.

Microsoft SharePoint Information Disclosure Vulnerability

CVE-2020-17120 6.5 - Medium - December 10, 2020

Microsoft SharePoint Information Disclosure Vulnerability

Microsoft SharePoint Remote Code Execution Vulnerability

CVE-2020-17118 9.8 - Critical - December 10, 2020

Microsoft SharePoint Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17121.

Microsoft SharePoint Spoofing Vulnerability

CVE-2020-17115 8 - High - December 10, 2020

Microsoft SharePoint Spoofing Vulnerability

Improper Input Validation

Microsoft SharePoint Elevation of Privilege Vulnerability

CVE-2020-17089 8 - High - December 10, 2020

Microsoft SharePoint Elevation of Privilege Vulnerability

Improper Privilege Management

Microsoft SharePoint Remote Code Execution Vulnerability

CVE-2020-17061 8.8 - High - November 11, 2020

Microsoft SharePoint Remote Code Execution Vulnerability

Microsoft SharePoint Spoofing Vulnerability

CVE-2020-17060 5.4 - Medium - November 11, 2020

Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from CVE-2020-17015, CVE-2020-17016.

Improper Input Validation

Microsoft SharePoint Information Disclosure Vulnerability

CVE-2020-17017 6.5 - Medium - November 11, 2020

Microsoft SharePoint Information Disclosure Vulnerability This CVE ID is unique from CVE-2020-16979.

Information Disclosure

Microsoft SharePoint Spoofing Vulnerability

CVE-2020-17016 8.8 - High - November 11, 2020

Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from CVE-2020-17015, CVE-2020-17060.

Improper Input Validation

Microsoft SharePoint Spoofing Vulnerability

CVE-2020-17015 6.5 - Medium - November 11, 2020

Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from CVE-2020-17016, CVE-2020-17060.

Improper Input Validation

Microsoft SharePoint Information Disclosure Vulnerability

CVE-2020-16979 6.5 - Medium - November 11, 2020

Microsoft SharePoint Information Disclosure Vulnerability This CVE ID is unique from CVE-2020-17017.

An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory

CVE-2020-16948 6.5 - Medium - October 16, 2020

An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory, aka 'Microsoft SharePoint Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-16941, CVE-2020-16942, CVE-2020-16950, CVE-2020-16953.

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory

CVE-2020-16929 7.8 - High - October 16, 2020

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-16930, CVE-2020-16931, CVE-2020-16932.

Dangling pointer

An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages

CVE-2020-16942 4.4 - Medium - October 16, 2020

An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages, aka 'Microsoft SharePoint Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-16941, CVE-2020-16948, CVE-2020-16950, CVE-2020-16953.

Information Disclosure

An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory

CVE-2020-16953 6.5 - Medium - October 16, 2020

An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory, aka 'Microsoft SharePoint Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-16941, CVE-2020-16942, CVE-2020-16948, CVE-2020-16950.

Information Disclosure

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package

CVE-2020-16952 7.8 - High - October 16, 2020

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-16951.

Origin Validation Error

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package

CVE-2020-16951 7.8 - High - October 16, 2020

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-16952.

Origin Validation Error

An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory

CVE-2020-16950 5.5 - Medium - October 16, 2020

An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory, aka 'Microsoft SharePoint Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-16941, CVE-2020-16942, CVE-2020-16948, CVE-2020-16953.

Information Disclosure

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server

CVE-2020-16946 5.4 - Medium - October 16, 2020

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-16945.

XSS

An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages

CVE-2020-16941 5.5 - Medium - October 16, 2020

An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages, aka 'Microsoft SharePoint Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-16942, CVE-2020-16948, CVE-2020-16950, CVE-2020-16953.

Information Disclosure

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Sharepoint Server or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

subscribe