Search Results (528 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-0007 1 Microsoft 15 Expression Web, Groove Server, Office and 12 more 2025-04-11 N/A
Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML XSLT Vulnerability."
CVE-2013-1289 1 Microsoft 5 Groove Server, Infopath, Office Web Apps and 2 more 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1, Groove Server 2010 SP1, SharePoint Foundation 2010 SP1, and Office Web Apps 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted string, aka "HTML Sanitization Vulnerability."
CVE-2013-3857 1 Microsoft 5 Office Compatibility Pack, Office Web Apps, Sharepoint Server and 2 more 2025-04-11 N/A
Microsoft Word Automation Services in SharePoint Server 2010 SP1 and SP2, Word Web App 2010 SP1 and SP2 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1 and SP2, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."
CVE-2011-0653 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoint Server 2010 Gold and SP1, and SharePoint Foundation 2010, allows remote attackers to inject arbitrary web script or HTML via the URI, aka "XSS in SharePoint Calendar Vulnerability."
CVE-2013-0085 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2025-04-11 N/A
Buffer overflow in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to cause a denial of service (W3WP process crash and site outage) via a crafted URL, aka "Buffer Overflow Vulnerability."
CVE-2013-0006 1 Microsoft 15 Expression Web, Groove Server, Office and 12 more 2025-04-11 8.8 High
Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer Truncation Vulnerability."
CVE-2013-1330 1 Microsoft 5 Office Web Apps, Sharepoint Foundation, Sharepoint Portal Server and 2 more 2025-04-11 N/A
The default configuration of Microsoft SharePoint Portal Server 2003 SP3, SharePoint Server 2007 SP3 and 2010 SP1 and SP2, and Office Web Apps 2010 does not set the EnableViewStateMac attribute, which allows remote attackers to execute arbitrary code by leveraging an unassigned workflow, aka "MAC Disabled Vulnerability."
CVE-2013-3180 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1 and SP2 and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted POST request, aka "POST XSS Vulnerability."
CVE-2010-3243 1 Microsoft 8 Internet Explorer, Sharepoint Server, Sharepoint Services and 5 more 2025-04-11 4.3 Medium
Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2 and Office SharePoint Server 2007 SP2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "HTML Sanitization Vulnerability."
CVE-2024-33880 2 Microsoft, Virtosoftware 2 Sharepoint Server, Sharepoint Bulk File Download 2025-03-19 5.3 Medium
An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. It discloses full pathnames via Virto.SharePoint.FileDownloader/Api/Download.ashx?action=archive.
CVE-2022-37961 1 Microsoft 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server 2025-03-11 8.8 High
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2022-38009 1 Microsoft 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server 2025-03-11 8.8 High
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2022-38008 1 Microsoft 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server 2025-03-11 8.8 High
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2022-35823 1 Microsoft 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server 2025-03-11 8.8 High
Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2023-33157 1 Microsoft 1 Sharepoint Server 2025-02-28 8.8 High
Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2021-40487 1 Microsoft 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server 2025-02-28 8.1 High
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2021-40485 1 Microsoft 7 365 Apps, Excel, Office and 4 more 2025-02-28 7.8 High
Microsoft Excel Remote Code Execution Vulnerability
CVE-2021-31181 1 Microsoft 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server 2025-02-28 8.8 High
Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2021-31172 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2025-02-28 7.1 High
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2021-28478 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2025-02-28 7.6 High
Microsoft SharePoint Server Spoofing Vulnerability