📦 Sharepoint Foundation
by Microsoft
🔍 What is Sharepoint Foundation?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
CVE-2020-1595 is a critical remote code execution vulnerability in Microsoft SharePoint where improperly protected APIs allow attackers to execute arbitrary code by sending specially-formatted input. ...
This is a critical remote code execution vulnerability in Microsoft SharePoint that allows attackers to run arbitrary code by uploading a specially crafted application package. Exploitation requires u...
CVE-2020-1025 is an authentication bypass vulnerability in Microsoft SharePoint Server and Skype for Business Server where improper OAuth token validation allows attackers to modify tokens and gain un...
CVE-2022-29108 is a remote code execution vulnerability in Microsoft SharePoint Server that allows authenticated attackers to execute arbitrary code on affected systems. This affects organizations run...
CVE-2022-24472 is a spoofing vulnerability in Microsoft SharePoint Server that allows an attacker to impersonate a legitimate user and perform unauthorized actions. This affects organizations running ...
CVE-2022-22005 is a remote code execution vulnerability in Microsoft SharePoint Server that allows authenticated attackers to execute arbitrary code on affected servers by uploading specially crafted ...
CVE-2022-21837 is a remote code execution vulnerability in Microsoft SharePoint Server that allows authenticated attackers to execute arbitrary code on affected servers. This affects organizations run...
This vulnerability allows authenticated attackers to execute arbitrary code on Microsoft SharePoint Server by sending specially crafted requests. It affects organizations running vulnerable SharePoint...
CVE-2021-42309 is a remote code execution vulnerability in Microsoft SharePoint Server that allows authenticated attackers to execute arbitrary code on affected servers. This affects organizations run...
CVE-2021-41344 is a remote code execution vulnerability in Microsoft SharePoint Server that allows authenticated attackers to execute arbitrary code on affected systems. This vulnerability affects Sha...
CVE-2021-40487 is a remote code execution vulnerability in Microsoft SharePoint Server that allows authenticated attackers to execute arbitrary code on affected systems. This vulnerability affects Sha...
CVE-2021-38651 is a spoofing vulnerability in Microsoft SharePoint Server that allows an attacker to trick users into clicking malicious links that appear to originate from trusted SharePoint sites. T...
This vulnerability allows an authenticated attacker with SharePoint permissions to execute arbitrary code on affected SharePoint servers. It affects Microsoft SharePoint Server installations where an ...
This vulnerability allows remote attackers to execute arbitrary code on Microsoft SharePoint Server by deserializing untrusted data. It affects organizations running vulnerable SharePoint Server versi...
CVE-2021-34468 is a remote code execution vulnerability in Microsoft SharePoint Server that allows authenticated attackers to execute arbitrary code on affected servers. This affects organizations run...
CVE-2021-31964 is a spoofing vulnerability in Microsoft SharePoint Server that allows an attacker to trick users into clicking malicious links that appear to originate from trusted SharePoint sites. T...
CVE-2021-31966 is a remote code execution vulnerability in Microsoft SharePoint Server that allows authenticated attackers to execute arbitrary code on affected servers. This affects organizations run...
CVE-2021-26420 is a remote code execution vulnerability in Microsoft SharePoint Server that allows authenticated attackers to execute arbitrary code on affected servers. This affects organizations run...
This vulnerability allows an authenticated attacker to spoof content in Microsoft SharePoint Server, potentially tricking users into interacting with malicious content. It affects SharePoint Server 20...
CVE-2021-31950 is a server-side request forgery (SSRF) vulnerability in Microsoft SharePoint Server that allows authenticated attackers to send crafted requests from the SharePoint server to internal ...
CVE-2021-31172 is a spoofing vulnerability in Microsoft SharePoint Server that allows an attacker to trick users into performing actions they didn't intend. This affects organizations running vulnerab...
CVE-2021-31181 is a remote code execution vulnerability in Microsoft SharePoint Server that allows attackers to execute arbitrary code on affected systems by exploiting improper control of generation ...
CVE-2021-27076 is a remote code execution vulnerability in Microsoft SharePoint Server that allows authenticated attackers to execute arbitrary code on affected systems. This affects organizations run...
CVE-2020-16946 is a cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server that allows authenticated attackers to inject malicious scripts. When exploited, these scripts execute in th...
This is a remote code execution vulnerability in Microsoft SharePoint that allows attackers to run arbitrary code by uploading specially crafted application packages. It affects SharePoint servers whe...
CVE-2020-16944 is a cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server where improper input sanitization allows authenticated attackers to execute malicious scripts in users' brow...
This is a remote code execution vulnerability in Microsoft SharePoint that allows attackers to run arbitrary code by uploading specially crafted application packages. It affects SharePoint servers whe...
This is a remote code execution vulnerability in Microsoft SharePoint that allows attackers to run arbitrary code by uploading a specially crafted application package. It affects SharePoint servers wh...
CVE-2020-1460 is a remote code execution vulnerability in Microsoft SharePoint Server that allows authenticated attackers to execute arbitrary code by uploading specially crafted ASP.Net web controls....
This is a remote code execution vulnerability in Microsoft SharePoint that allows attackers to run arbitrary code by uploading a specially crafted application package. It affects SharePoint servers wh...
This CVE describes an information disclosure vulnerability in Microsoft SharePoint Server where improper memory handling allows authenticated attackers to access sensitive information. The vulnerabili...
This CVE describes an information disclosure vulnerability in Microsoft SharePoint Server where improper memory handling allows authenticated attackers to access sensitive information. The vulnerabili...
Microsoft SharePoint Server discloses folder structure information when rendering specific web pages, allowing attackers to view script file paths. This affects organizations running vulnerable ShareP...
This is an authenticated cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server that allows attackers to inject malicious scripts into web pages. When exploited, these scripts execute...
This is a cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server where improper input sanitization allows authenticated attackers to inject malicious scripts. Successful exploitation ...
This is a cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server where authenticated attackers can inject malicious scripts through specially crafted web requests. Successful exploita...