Skip to main content

Sharepoint Services

9 CVEs product

Monthly

CVE-2015-0085 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 Gold. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 46.3% and no vendor patch available.

RCE Denial Of Service Microsoft Excel Excel Viewer +9
NVD
CVSS 2.0
9.3
EPSS
46.3%
CVE-2014-0251 CRITICAL Act Now

Microsoft Windows SharePoint Services 3.0 SP3; SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 Gold and SP1; SharePoint Foundation 2010 SP1 and SP2 and 2013 Gold and SP1; Project Server 2010. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 19.6% and no vendor patch available.

RCE Code Injection Microsoft Office Web Apps Server Project Server +6
NVD
CVSS 2.0
9.0
EPSS
19.6%
CVE-2013-3847 CRITICAL Emergency

Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 64.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Sharepoint Foundation +7
NVD
CVSS 2.0
9.3
EPSS
64.2%
CVE-2013-3179 MEDIUM POC THREAT This Month

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 10.6%.

Microsoft XSS Sharepoint Foundation Sharepoint Server Sharepoint Services
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
10.6%
CVE-2013-1330 CRITICAL Emergency

The default configuration of Microsoft SharePoint Portal Server 2003 SP3, SharePoint Server 2007 SP3 and 2010 SP1 and SP2, and Office Web Apps 2010 does not set the EnableViewStateMac attribute,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 67.1% and no vendor patch available.

Microsoft RCE Sharepoint Foundation Sharepoint Portal Server Sharepoint Server +2
NVD
CVSS 2.0
10.0
EPSS
67.1%
Threat
4.0
CVE-2013-1315 CRITICAL POC PATCH THREAT Act Now

Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 73.7%.

Buffer Overflow Denial Of Service Microsoft RCE Excel +8
NVD
CVSS 2.0
9.3
EPSS
73.7%
Threat
5.6
CVE-2013-0081 MEDIUM This Month

Microsoft SharePoint Portal Server 2003 SP3 and SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 do not properly process unassigned workflows, which allows remote attackers to cause a denial of. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 78.4% and no vendor patch available.

Denial Of Service Microsoft Sharepoint Foundation Sharepoint Portal Server Sharepoint Server +1
NVD
CVSS 2.0
5.0
EPSS
78.4%
CVE-2012-2520 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Microsoft InfoPath 2007 SP2 and SP3 and 2010 SP1, Communicator 2007 R2, Lync 2010 and 2010 Attendee, SharePoint Server 2007 SP2 and SP3 and 2010 SP1,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 24.2% and no vendor patch available.

Microsoft XSS Groove Server Infopath Lync +5
NVD
CVSS 2.0
4.3
EPSS
24.2%
CVE-2012-1863 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoint Server 2007 SP2 and SP3 Windows SharePoint Services 3.0 SP2, and SharePoint Foundation 2010 Gold and SP1 allows remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 41.3% and no vendor patch available.

Microsoft XSS Office Sharepoint Server Sharepoint Foundation Sharepoint Server +1
NVD
CVSS 2.0
4.3
EPSS
41.3%
EPSS 46% CVSS 9.3
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 Gold. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 46.3% and no vendor patch available.

RCE Denial Of Service Microsoft +11
NVD
EPSS 20% CVSS 9.0
CRITICAL Act Now

Microsoft Windows SharePoint Services 3.0 SP3; SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 Gold and SP1; SharePoint Foundation 2010 SP1 and SP2 and 2013 Gold and SP1; Project Server 2010. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 19.6% and no vendor patch available.

RCE Code Injection Microsoft +8
NVD
EPSS 64% CVSS 9.3
CRITICAL Emergency

Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 64.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft +9
NVD
EPSS 11% CVSS 4.3
MEDIUM POC THREAT This Month

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 10.6%.

Microsoft XSS Sharepoint Foundation +2
NVD Exploit-DB
EPSS 67% 4.0 CVSS 10.0
CRITICAL Emergency

The default configuration of Microsoft SharePoint Portal Server 2003 SP3, SharePoint Server 2007 SP3 and 2010 SP1 and SP2, and Office Web Apps 2010 does not set the EnableViewStateMac attribute,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 67.1% and no vendor patch available.

Microsoft RCE Sharepoint Foundation +4
NVD
EPSS 74% 5.6 CVSS 9.3
CRITICAL POC PATCH THREAT Act Now

Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 73.7%.

Buffer Overflow Denial Of Service Microsoft +10
NVD
EPSS 78% CVSS 5.0
MEDIUM This Month

Microsoft SharePoint Portal Server 2003 SP3 and SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 do not properly process unassigned workflows, which allows remote attackers to cause a denial of. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 78.4% and no vendor patch available.

Denial Of Service Microsoft Sharepoint Foundation +3
NVD
EPSS 24% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Microsoft InfoPath 2007 SP2 and SP3 and 2010 SP1, Communicator 2007 R2, Lync 2010 and 2010 Attendee, SharePoint Server 2007 SP2 and SP3 and 2010 SP1,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 24.2% and no vendor patch available.

Microsoft XSS Groove Server +7
NVD
EPSS 41% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoint Server 2007 SP2 and SP3 Windows SharePoint Services 3.0 SP2, and SharePoint Foundation 2010 Gold and SP1 allows remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 41.3% and no vendor patch available.

Microsoft XSS Office Sharepoint Server +3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy