Vulnerabilities > Microsoft > Sharepoint Enterprise Server > High

DATE CVE VULNERABILITY TITLE RISK
2020-09-11 CVE-2020-1345 Cross-site Scripting vulnerability in Microsoft products
<p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server.
network
low complexity
microsoft CWE-79
7.4
2020-09-11 CVE-2020-1218 Unspecified vulnerability in Microsoft products
<p>A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory.
local
low complexity
microsoft
7.8
2020-09-11 CVE-2020-1200 Download of Code Without Integrity Check vulnerability in Microsoft products
<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package.
network
low complexity
microsoft CWE-494
8.6
2020-09-11 CVE-2020-1198 Cross-site Scripting vulnerability in Microsoft products
<p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server.
network
low complexity
microsoft CWE-79
7.4
2020-08-17 CVE-2020-1583 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory.
network
low complexity
microsoft
8.8
2020-08-17 CVE-2020-1495 Unspecified vulnerability in Microsoft products
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory.
network
low complexity
microsoft
8.8
2020-07-14 CVE-2020-1448 Unspecified vulnerability in Microsoft products
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'.
network
low complexity
microsoft
8.8
2020-07-14 CVE-2020-1447 Unspecified vulnerability in Microsoft products
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'.
network
low complexity
microsoft
8.8
2020-07-14 CVE-2020-1446 Unspecified vulnerability in Microsoft products
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'.
network
low complexity
microsoft
8.8
2020-07-14 CVE-2020-1439 Deserialization of Untrusted Data vulnerability in Microsoft products
A remote code execution vulnerability exists in PerformancePoint Services for SharePoint Server when the software fails to check the source markup of XML file input, aka 'PerformancePoint Services Remote Code Execution Vulnerability'.
network
low complexity
microsoft CWE-502
8.8