Vulnerabilities > Microsoft > Sharepoint Enterprise Server > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-09-11 | CVE-2020-1345 | Cross-site Scripting vulnerability in Microsoft products <p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. | 7.4 |
2020-09-11 | CVE-2020-1218 | Unspecified vulnerability in Microsoft products <p>A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. | 7.8 |
2020-09-11 | CVE-2020-1200 | Download of Code Without Integrity Check vulnerability in Microsoft products <p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. | 8.6 |
2020-09-11 | CVE-2020-1198 | Cross-site Scripting vulnerability in Microsoft products <p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. | 7.4 |
2020-08-17 | CVE-2020-1583 | Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. | 8.8 |
2020-08-17 | CVE-2020-1495 | Unspecified vulnerability in Microsoft products A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. | 8.8 |
2020-07-14 | CVE-2020-1448 | Unspecified vulnerability in Microsoft products A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. | 8.8 |
2020-07-14 | CVE-2020-1447 | Unspecified vulnerability in Microsoft products A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. | 8.8 |
2020-07-14 | CVE-2020-1446 | Unspecified vulnerability in Microsoft products A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. | 8.8 |
2020-07-14 | CVE-2020-1439 | Deserialization of Untrusted Data vulnerability in Microsoft products A remote code execution vulnerability exists in PerformancePoint Services for SharePoint Server when the software fails to check the source markup of XML file input, aka 'PerformancePoint Services Remote Code Execution Vulnerability'. | 8.8 |