Vulnerabilities > Microsoft > Sharepoint Foundation > High

DATE CVE VULNERABILITY TITLE RISK
2020-05-21 CVE-2020-1023 Unrestricted Upload of File with Dangerous Type vulnerability in Microsoft products
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'.
network
low complexity
microsoft CWE-434
8.8
2020-04-15 CVE-2020-0971 Unrestricted Upload of File with Dangerous Type vulnerability in Microsoft products
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'.
network
low complexity
microsoft CWE-434
8.8
2020-04-15 CVE-2020-0932 Unrestricted Upload of File with Dangerous Type vulnerability in Microsoft products
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'.
network
low complexity
microsoft CWE-434
8.8
2020-04-15 CVE-2020-0931 Unrestricted Upload of File with Dangerous Type vulnerability in Microsoft products
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'.
network
low complexity
microsoft CWE-434
8.8
2020-04-15 CVE-2020-0929 Unrestricted Upload of File with Dangerous Type vulnerability in Microsoft products
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'.
network
low complexity
microsoft CWE-434
8.8
2020-04-15 CVE-2020-0920 Unrestricted Upload of File with Dangerous Type vulnerability in Microsoft products
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'.
network
low complexity
microsoft CWE-434
8.8
2020-03-12 CVE-2020-0892 Unspecified vulnerability in Microsoft products
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'.
local
low complexity
microsoft
7.8
2020-03-12 CVE-2020-0850 Unspecified vulnerability in Microsoft products
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'.
network
low complexity
microsoft
8.8
2019-09-11 CVE-2019-1296 Improper Input Validation vulnerability in Microsoft products
A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'.
network
low complexity
microsoft CWE-20
8.8
2019-09-11 CVE-2019-1295 Improper Input Validation vulnerability in Microsoft products
A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'.
network
low complexity
microsoft CWE-20
8.8