CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-28450 – Microsoft SharePoint Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-28450
Microsoft SharePoint Denial of Service Vulnerability Una Actualización de una Denegación de Servicio de Microsoft SharePoint • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28450 •
CVSS: 8.8EPSS: 4%CPEs: 4EXPL: 0CVE-2021-27076 – Microsoft SharePoint Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-27076
Microsoft SharePoint Server Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota de Microsoft SharePoint Server This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of InfoPath attachments. Tampering with client-side data can trigger the deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the SharePoint web server process. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27076 https://www.zerodayinitiative.com/advisories/ZDI-21-276 •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-24071 – Microsoft SharePoint Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-24071
Microsoft SharePoint Information Disclosure Vulnerability Una Vulnerabilidad de Divulgación de Información de Microsoft SharePoint • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24071 •
CVSS: 8.0EPSS: 0%CPEs: 23EXPL: 0CVE-2021-1726 – Microsoft SharePoint Server Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2021-1726
Microsoft SharePoint Server Spoofing Vulnerability Una Vulnerabilidad de Suplantación de Identidad de Microsoft SharePoint • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1726 •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-24066 – Microsoft SharePoint Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-24066
Microsoft SharePoint Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota de Microsoft SharePoint This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the SPWorkflowDataSourceView class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the SharePoint service at high integrity. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24066 • CWE-502: Deserialization of Untrusted Data •