Vulnerabilities > Microsoft > Sharepoint Server > 2016

DATE CVE VULNERABILITY TITLE RISK
2019-05-16 CVE-2019-0949 Cross-site Scripting vulnerability in Microsoft Sharepoint Foundation and Sharepoint Server
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'.
network
microsoft CWE-79
3.5
3.5
2019-01-08 CVE-2019-0585 Unspecified vulnerability in Microsoft products
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft SharePoint, Microsoft Office Online Server, Microsoft Word, Microsoft SharePoint Server.
network
microsoft
critical
 9.3
9.3
2019-01-08 CVE-2019-0558 Cross-site Scripting vulnerability in Microsoft Business Productivity Servers and Sharepoint Server
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint, Microsoft Business Productivity Servers.
network
microsoft CWE-79
3.5
3.5
2019-01-08 CVE-2019-0557 Cross-site Scripting vulnerability in Microsoft Sharepoint Server 2016
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint.
network
microsoft CWE-79
3.5
3.5
2018-06-14 CVE-2018-8254 Cross-site Scripting vulnerability in Microsoft products
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft Project Server, Microsoft SharePoint.
network
microsoft CWE-79
3.5
3.5
2018-06-14 CVE-2018-8252 Cross-site Scripting vulnerability in Microsoft Sharepoint Foundation and Sharepoint Server
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint.
network
microsoft CWE-79
3.5
3.5
2018-05-09 CVE-2018-8161 Unspecified vulnerability in Microsoft products
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Word, Word, Microsoft Office, Microsoft SharePoint.
network
microsoft
critical
 9.3
9.3
2018-05-09 CVE-2018-8156 Cross-site Scripting vulnerability in Microsoft Project Server and Sharepoint Server
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint, Microsoft Project Server.
network
microsoft CWE-79
3.5
3.5
2018-05-09 CVE-2018-8155 Cross-site Scripting vulnerability in Microsoft Sharepoint Foundation and Sharepoint Server
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint.
network
microsoft CWE-79
3.5
3.5
2018-05-09 CVE-2018-8149 Cross-site Scripting vulnerability in Microsoft Sharepoint Server 2010/2013/2016
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint.
network
microsoft CWE-79
3.5
3.5