CVE-2022-24472 – Microsoft SharePoint Server Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2022-24472
Microsoft SharePoint Server Spoofing Vulnerability Una vulnerabilidad de suplantación de identidad de Microsoft SharePoint Server • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24472 •
CVE-2022-22716 – Microsoft Excel Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-22716
Microsoft Excel Information Disclosure Vulnerability Una Vulnerabilidad de Divulgación de Información de Microsoft Excel This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XLS files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22716 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2022-22005 – Microsoft SharePoint Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-22005
Microsoft SharePoint Server Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota en Microsoft SharePoint Server This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of charts. Tampering with client-side data can trigger the deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the SharePoint web server process. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22005 • CWE-502: Deserialization of Untrusted Data •
CVE-2022-21987 – Microsoft SharePoint Server Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2022-21987
Microsoft SharePoint Server Spoofing Vulnerability Una Vulnerabilidad de Suplantación de Identidad en Microsoft SharePoint Server • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21987 •
CVE-2022-21968 – Microsoft SharePoint Server Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2022-21968
Microsoft SharePoint Server Security Feature Bypass Vulnerability Una Vulnerabilidad de Omisión de Funcionalidades de Seguridad de Microsoft SharePoint Server • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21968 •