Sharepoint Enterprise Server CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (265 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2017-11775	1 Microsoft	1 Sharepoint Enterprise Server	2025-04-20	N/A
Microsoft SharePoint Enterprise Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an attacker to exploit a cross-site scripting (XSS) vulnerability by sending a specially crafted request to an affected SharePoint server, due to how SharePoint Server sanitizes web requests, aka "Microsoft Office SharePoint XSS Vulnerability". This CVE ID is unique from CVE-2017-11777 and CVE-2017-11820.
CVE-2017-11876	1 Microsoft	2 Project Server, Sharepoint Enterprise Server	2025-04-20	N/A
Microsoft Project Server and Microsoft SharePoint Enterprise Server 2016 allow an attacker to use cross-site forgery to read content that they are not authorized to read, use the victim's identity to take actions on the web application on behalf of the victim, such as change permissions and delete content, and inject malicious content in the browser of the victim, aka "Microsoft Project Server Elevation of Privilege Vulnerability".
CVE-2023-21717	1 Microsoft	3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server	2025-04-12	8.8 High
Microsoft SharePoint Server Elevation of Privilege Vulnerability
CVE-2022-37961	1 Microsoft	3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server	2025-03-11	8.8 High
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2022-38009	1 Microsoft	3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server	2025-03-11	8.8 High
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2022-38008	1 Microsoft	3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server	2025-03-11	8.8 High
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2022-35823	1 Microsoft	3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server	2025-03-11	8.8 High
Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2022-41061	1 Microsoft	7 365 Apps, Office, Office Online Server and 4 more	2025-02-28	7.8 High
Microsoft Word Remote Code Execution Vulnerability
CVE-2021-40487	1 Microsoft	3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server	2025-02-28	8.1 High
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2021-40485	1 Microsoft	7 365 Apps, Excel, Office and 4 more	2025-02-28	7.8 High
Microsoft Excel Remote Code Execution Vulnerability
CVE-2021-31181	1 Microsoft	3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server	2025-02-28	8.8 High
Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2020-1456	1 Microsoft	2 Sharepoint Enterprise Server, Sharepoint Server	2025-02-28	5.4 Medium
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1450, CVE-2020-1451.
CVE-2020-1106	1 Microsoft	3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server	2025-02-28	5.4 Medium
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1099, CVE-2020-1100, CVE-2020-1101.
CVE-2020-0933	1 Microsoft	3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server	2025-02-28	5.4 Medium
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0924, CVE-2020-0925, CVE-2020-0926, CVE-2020-0927, CVE-2020-0930, CVE-2020-0954, CVE-2020-0973, CVE-2020-0978.
CVE-2020-0930	1 Microsoft	2 Sharepoint Enterprise Server, Sharepoint Server	2025-02-28	5.4 Medium
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0924, CVE-2020-0925, CVE-2020-0926, CVE-2020-0927, CVE-2020-0933, CVE-2020-0954, CVE-2020-0973, CVE-2020-0978.
CVE-2020-0927	1 Microsoft	2 Sharepoint Enterprise Server, Sharepoint Server	2025-02-28	5.4 Medium
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0924, CVE-2020-0925, CVE-2020-0926, CVE-2020-0930, CVE-2020-0933, CVE-2020-0954, CVE-2020-0973, CVE-2020-0978.
CVE-2020-0926	1 Microsoft	2 Sharepoint Enterprise Server, Sharepoint Server	2025-02-28	5.4 Medium
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0924, CVE-2020-0925, CVE-2020-0927, CVE-2020-0930, CVE-2020-0933, CVE-2020-0954, CVE-2020-0973, CVE-2020-0978.
CVE-2020-0925	1 Microsoft	3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server	2025-02-28	5.4 Medium
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0924, CVE-2020-0926, CVE-2020-0927, CVE-2020-0930, CVE-2020-0933, CVE-2020-0954, CVE-2020-0973, CVE-2020-0978.
CVE-2020-0924	1 Microsoft	3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server	2025-02-28	5.4 Medium
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0925, CVE-2020-0926, CVE-2020-0927, CVE-2020-0930, CVE-2020-0933, CVE-2020-0954, CVE-2020-0973, CVE-2020-0978.
CVE-2020-0923	1 Microsoft	3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server	2025-02-28	5.4 Medium
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0924, CVE-2020-0925, CVE-2020-0926, CVE-2020-0927, CVE-2020-0930, CVE-2020-0933, CVE-2020-0954, CVE-2020-0973, CVE-2020-0978.

« first previous Page 3 of 14. next last »