Sharepoint Server Microsoft Sharepoint Server

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Microsoft Sharepoint Server.

Recent Microsoft Sharepoint Server Security Advisories

Advisory Title Published
CVE-2025-30384 CVE-2025-30384 Microsoft SharePoint Server Remote Code Execution Vulnerability May 13, 2025
CVE-2025-30382 CVE-2025-30382 Microsoft SharePoint Server Remote Code Execution Vulnerability May 13, 2025
CVE-2025-30378 CVE-2025-30378 Microsoft SharePoint Server Remote Code Execution Vulnerability May 13, 2025
CVE-2025-29976 CVE-2025-29976 Microsoft SharePoint Server Elevation of Privilege Vulnerability May 13, 2025
CVE-2025-21400 CVE-2025-21400 Microsoft SharePoint Server Remote Code Execution Vulnerability February 11, 2025
CVE-2025-21393 CVE-2025-21393 Microsoft SharePoint Server Spoofing Vulnerability January 14, 2025
CVE-2025-21348 CVE-2025-21348 Microsoft SharePoint Server Remote Code Execution Vulnerability January 14, 2025
CVE-2025-21344 CVE-2025-21344 Microsoft SharePoint Server Remote Code Execution Vulnerability January 14, 2025
ADV240001 ADV240001 Microsoft SharePoint Server Defense in Depth Update November 12, 2024
CVE-2024-43466 CVE-2024-43466 Microsoft SharePoint Server Denial of Service Vulnerability September 10, 2024

By the Year

In 2025 there have been 5 vulnerabilities in Microsoft Sharepoint Server with an average score of 7.3 out of ten. Last year, in 2024 Sharepoint Server had 21 security vulnerabilities published. Right now, Sharepoint Server is on track to have less security vulnerabilities in 2025 than it did last year. However, the average CVE base score of the vulnerabilities in 2025 is greater by 0.06.




Year Vulnerabilities Average Score
2025 5 7.26
2024 21 7.20
2023 27 7.55
2022 29 7.76
2021 53 7.09
2020 121 6.72
2019 47 6.64
2018 55 6.86

It may take a day or so for new Sharepoint Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Sharepoint Server Security Vulnerabilities

Deserialization of untrusted data in Microsoft Office SharePoint

CVE-2025-30378 7 - High - May 13, 2025

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.

Marshaling, Unmarshaling

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2025-21400 8 - High - February 11, 2025

Microsoft SharePoint Server Remote Code Execution Vulnerability

AuthZ

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2025-21344 7.8 - High - January 14, 2025

Microsoft SharePoint Server Remote Code Execution Vulnerability

Improper Input Validation

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2025-21348 7.2 - High - January 14, 2025

Microsoft SharePoint Server Remote Code Execution Vulnerability

AuthZ

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2025-21393 6.3 - Medium - January 14, 2025

Microsoft SharePoint Server Spoofing Vulnerability

XSS

Microsoft SharePoint Information Disclosure Vulnerability

CVE-2024-49062 6.5 - Medium - December 12, 2024

Microsoft SharePoint Information Disclosure Vulnerability

Relative Path Traversal

Microsoft SharePoint Information Disclosure Vulnerability

CVE-2024-49064 6.5 - Medium - December 12, 2024

Microsoft SharePoint Information Disclosure Vulnerability

XXE

Microsoft Office Remote Code Execution Vulnerability

CVE-2024-49065 5.5 - Medium - December 12, 2024

Microsoft Office Remote Code Execution Vulnerability

Out-of-bounds Read

Microsoft SharePoint Elevation of Privilege Vulnerability

CVE-2024-49068 8.2 - High - December 12, 2024

Microsoft SharePoint Elevation of Privilege Vulnerability

Authorization

Microsoft SharePoint Remote Code Execution Vulnerability

CVE-2024-49070 7.4 - High - December 12, 2024

Microsoft SharePoint Remote Code Execution Vulnerability

Marshaling, Unmarshaling

Microsoft SharePoint Elevation of Privilege Vulnerability

CVE-2024-43503 7.8 - High - October 08, 2024

Microsoft SharePoint Elevation of Privilege Vulnerability

Authorization

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2024-38018 8.8 - High - September 10, 2024

Microsoft SharePoint Server Remote Code Execution Vulnerability

Marshaling, Unmarshaling

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2024-38227 7.2 - High - September 10, 2024

Microsoft SharePoint Server Remote Code Execution Vulnerability

Command Injection

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2024-38228 7.2 - High - September 10, 2024

Microsoft SharePoint Server Remote Code Execution Vulnerability

Command Injection

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2024-43464 7.2 - High - September 10, 2024

Microsoft SharePoint Server Remote Code Execution Vulnerability

Marshaling, Unmarshaling

Microsoft SharePoint Server Denial of Service Vulnerability

CVE-2024-43466 7.5 - High - September 10, 2024

Microsoft SharePoint Server Denial of Service Vulnerability

Marshaling, Unmarshaling

Microsoft SharePoint Server Information Disclosure Vulnerability

CVE-2024-32987 7.5 - High - July 09, 2024

Microsoft SharePoint Server Information Disclosure Vulnerability

Microsoft SharePoint Remote Code Execution Vulnerability

CVE-2024-38094 7.2 - High - July 09, 2024

Microsoft SharePoint Remote Code Execution Vulnerability

Marshaling, Unmarshaling

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2024-38023 7.2 - High - July 09, 2024

Microsoft SharePoint Server Remote Code Execution Vulnerability

Marshaling, Unmarshaling

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2024-38024 7.2 - High - July 09, 2024

Microsoft SharePoint Server Remote Code Execution Vulnerability

Marshaling, Unmarshaling

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2024-30100 7.8 - High - June 11, 2024

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Server Information Disclosure Vulnerability

CVE-2024-30043 7.5 - High - May 14, 2024

Microsoft SharePoint Server Information Disclosure Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2024-30044 7.2 - High - May 14, 2024

Microsoft SharePoint Server Remote Code Execution Vulnerability

Marshaling, Unmarshaling

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2024-26251 3.1 - Low - April 09, 2024

Microsoft SharePoint Server Spoofing Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2024-21426 7.8 - High - March 12, 2024

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2024-21318 8.8 - High - January 09, 2024

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2023-38177 6.8 - Medium - November 14, 2023

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft Word Remote Code Execution Vulnerability

CVE-2023-36762 7.3 - High - September 12, 2023

Microsoft Word Remote Code Execution Vulnerability

Microsoft SharePoint Server Elevation of Privilege Vulnerability

CVE-2023-36764 8.8 - High - September 12, 2023

Microsoft SharePoint Server Elevation of Privilege Vulnerability

Microsoft SharePoint Server Information Disclosure Vulnerability

CVE-2023-36890 6.5 - Medium - August 08, 2023

Microsoft SharePoint Server Information Disclosure Vulnerability

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2023-36891 8 - High - August 08, 2023

Microsoft SharePoint Server Spoofing Vulnerability

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2023-36892 8 - High - August 08, 2023

Microsoft SharePoint Server Spoofing Vulnerability

Microsoft SharePoint Server Information Disclosure Vulnerability

CVE-2023-36894 6.5 - Medium - August 08, 2023

Microsoft SharePoint Server Information Disclosure Vulnerability

Microsoft SharePoint Server Security Feature Bypass Vulnerability

CVE-2023-33165 7.5 - High - July 11, 2023

Microsoft SharePoint Server Security Feature Bypass Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2023-33134 8.8 - High - July 11, 2023

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Remote Code Execution Vulnerability

CVE-2023-33157 8.8 - High - July 11, 2023

Microsoft SharePoint Remote Code Execution Vulnerability

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2023-33159 8.8 - High - July 11, 2023

Microsoft SharePoint Server Spoofing Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2023-33160 8.8 - High - July 11, 2023

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2023-33130 7.3 - High - June 14, 2023

Microsoft SharePoint Server Spoofing Vulnerability

Microsoft SharePoint Server Elevation of Privilege Vulnerability

CVE-2023-33142 6.5 - Medium - June 14, 2023

Microsoft SharePoint Server Elevation of Privilege Vulnerability

Microsoft SharePoint Server Denial of Service Vulnerability

CVE-2023-33129 6.5 - Medium - June 14, 2023

Microsoft SharePoint Server Denial of Service Vulnerability

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2023-33132 6.3 - Medium - June 14, 2023

Microsoft SharePoint Server Spoofing Vulnerability

Microsoft SharePoint Server Elevation of Privilege Vulnerability

CVE-2023-29357 9.8 - Critical - June 14, 2023

Microsoft SharePoint Server Elevation of Privilege Vulnerability

Microsoft SharePoint Server Information Disclosure Vulnerability

CVE-2023-24954 6.5 - Medium - May 09, 2023

Microsoft SharePoint Server Information Disclosure Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2023-24955 7.2 - High - May 09, 2023

Microsoft SharePoint Server Remote Code Execution Vulnerability

Code Injection

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2023-24950 6.5 - Medium - May 09, 2023

Microsoft SharePoint Server Spoofing Vulnerability

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2023-28288 8.1 - High - April 11, 2023

Microsoft SharePoint Server Spoofing Vulnerability

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2023-23395 3.1 - Low - March 14, 2023

Microsoft SharePoint Server Spoofing Vulnerability

Microsoft Word Remote Code Execution Vulnerability

CVE-2023-21716 9.8 - Critical - February 14, 2023

Microsoft Word Remote Code Execution Vulnerability

Microsoft SharePoint Server Elevation of Privilege Vulnerability

CVE-2023-21717 8.8 - High - February 14, 2023

Microsoft SharePoint Server Elevation of Privilege Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2023-21742 8.8 - High - January 10, 2023

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Server Security Feature Bypass Vulnerability

CVE-2023-21743 5.3 - Medium - January 10, 2023

Microsoft SharePoint Server Security Feature Bypass Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2023-21744 8.8 - High - January 10, 2023

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-44690 8.8 - High - December 13, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-44693 8.8 - High - December 13, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft Word Information Disclosure Vulnerability

CVE-2022-41060 5.5 - Medium - November 09, 2022

Microsoft Word Information Disclosure Vulnerability

Microsoft Word Remote Code Execution Vulnerability

CVE-2022-41061 7.8 - High - November 09, 2022

Microsoft Word Remote Code Execution Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-41062 8.8 - High - November 09, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft Word Information Disclosure Vulnerability

CVE-2022-41103 5.5 - Medium - November 09, 2022

Microsoft Word Information Disclosure Vulnerability

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2022-41122 6.5 - Medium - November 09, 2022

Microsoft SharePoint Server Spoofing Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-38053 8.8 - High - October 11, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-41036 8.8 - High - October 11, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-41037 8.8 - High - October 11, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-41038 8.8 - High - October 11, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-38008 8.8 - High - September 13, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-38009 8.8 - High - September 13, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Remote Code Execution Vulnerability

CVE-2022-35823 8.8 - High - September 13, 2022

Microsoft SharePoint Remote Code Execution Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-37961 8.8 - High - September 13, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-30157 8.8 - High - June 15, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-30158 8.8 - High - June 15, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft Office Information Disclosure Vulnerability

CVE-2022-30159 5.5 - Medium - June 15, 2022

Microsoft Office Information Disclosure Vulnerability

Microsoft Office Information Disclosure Vulnerability

CVE-2022-30171 5.5 - Medium - June 15, 2022

Microsoft Office Information Disclosure Vulnerability

Microsoft Office Information Disclosure Vulnerability

CVE-2022-30172 5.5 - Medium - June 15, 2022

Microsoft Office Information Disclosure Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-29108 8.8 - High - May 10, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2022-24472 8 - High - April 15, 2022

Microsoft SharePoint Server Spoofing Vulnerability

Microsoft Excel Information Disclosure Vulnerability

CVE-2022-22716 5.5 - Medium - February 09, 2022

Microsoft Excel Information Disclosure Vulnerability

Buffer Overflow

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-22005 8.8 - High - February 09, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability

Marshaling, Unmarshaling

Microsoft SharePoint Server Security Feature Bypass Vulnerability

CVE-2022-21968 4.3 - Medium - February 09, 2022

Microsoft SharePoint Server Security Feature Bypass Vulnerability

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2022-21987 8 - High - February 09, 2022

Microsoft SharePoint Server Spoofing Vulnerability

Microsoft Office Remote Code Execution Vulnerability

CVE-2022-21840 8.8 - High - January 11, 2022

Microsoft Office Remote Code Execution Vulnerability

Microsoft Word Remote Code Execution Vulnerability

CVE-2022-21842 7.8 - High - January 11, 2022

Microsoft Word Remote Code Execution Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-21837 8.8 - High - January 11, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Elevation of Privilege Vulnerability

CVE-2021-43876 8.8 - High - December 29, 2021

Microsoft SharePoint Elevation of Privilege Vulnerability

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2021-43242 5.7 - Medium - December 15, 2021

Microsoft SharePoint Server Spoofing Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2021-42309 8.8 - High - December 15, 2021

Microsoft SharePoint Server Remote Code Execution Vulnerability

Code Injection

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2021-42294 7.2 - High - December 15, 2021

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2021-42320 5.7 - Medium - December 15, 2021

Microsoft SharePoint Server Spoofing Vulnerability

Authentication Bypass by Spoofing

Microsoft Excel Remote Code Execution Vulnerability

CVE-2021-40442 7.8 - High - November 10, 2021

Microsoft Excel Remote Code Execution Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2021-41344 8.1 - High - October 13, 2021

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Server Information Disclosure Vulnerability

CVE-2021-40482 5.3 - Medium - October 13, 2021

Microsoft SharePoint Server Information Disclosure Vulnerability

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2021-40483 7.6 - High - October 13, 2021

Microsoft SharePoint Server Spoofing Vulnerability

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2021-40484 7.6 - High - October 13, 2021

Microsoft SharePoint Server Spoofing Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

CVE-2021-40485 7.8 - High - October 13, 2021

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Word Remote Code Execution Vulnerability

CVE-2021-40486 7.8 - High - October 13, 2021

Microsoft Word Remote Code Execution Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2021-40487 8.1 - High - October 13, 2021

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2021-38651 7.6 - High - September 15, 2021

Microsoft SharePoint Server Spoofing Vulnerability

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2021-38652 7.6 - High - September 15, 2021

Microsoft SharePoint Server Spoofing Vulnerability

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2021-36940 7.6 - High - August 12, 2021

Microsoft SharePoint Server Spoofing Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2021-34467 7.1 - High - July 16, 2021

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2021-34520 8.1 - High - July 14, 2021

Microsoft SharePoint Server Remote Code Execution Vulnerability

Marshaling, Unmarshaling

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Sharepoint Server or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

subscribe