CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 0CVE-2021-28474 – Microsoft SharePoint Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-28474
Microsoft SharePoint Server Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota de Microsoft SharePoint Server This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of server-side controls. By specifying a control using a non-canonical string, an unsafe server-side control can be instantiated. An attacker can leverage this vulnerability to execute code in the context of the service account. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28474 https://www.zerodayinitiative.com/advisories/ZDI-21-574 • CWE-436: Interpretation Conflict •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2021-26418 – Microsoft SharePoint Server Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2021-26418
Microsoft SharePoint Server Spoofing Vulnerability Una vulnerabilidad de Suplantación de Identidad de Microsoft SharePoint. Este ID de CVE es diferente de CVE-2021-28478, CVE-2021-31172 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26418 •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-28450 – Microsoft SharePoint Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-28450
Microsoft SharePoint Denial of Service Vulnerability Una Actualización de una Denegación de Servicio de Microsoft SharePoint • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28450 •
CVSS: 5.8EPSS: 29%CPEs: 3EXPL: 0CVE-2021-24104 – Microsoft SharePoint Server Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2021-24104
Microsoft SharePoint Server Spoofing Vulnerability Una Vulnerabilidad de Suplantación de Identidad de Microsoft SharePoint • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24104 •
CVSS: 8.8EPSS: 4%CPEs: 4EXPL: 0CVE-2021-27076 – Microsoft SharePoint Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-27076
Microsoft SharePoint Server Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota de Microsoft SharePoint Server This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of InfoPath attachments. Tampering with client-side data can trigger the deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the SharePoint web server process. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27076 https://www.zerodayinitiative.com/advisories/ZDI-21-276 •