CVSS: 7.6EPSS: 0%CPEs: 3EXPL: 0CVE-2021-38651 – Microsoft SharePoint Server Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2021-38651
Microsoft SharePoint Server Spoofing Vulnerability Una Vulnerabilidad de Suplantación de Identidad de Microsoft SharePoint Server . Este CVE ID es diferente de CVE-2021-38652 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38651 •
CVSS: 7.6EPSS: 0%CPEs: 3EXPL: 0CVE-2021-36940 – Microsoft SharePoint Server Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2021-36940
Microsoft SharePoint Server Spoofing Vulnerability Una Vulnerabilidad de suplantación de identidad en Microsoft SharePoint Server • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36940 •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-34467 – Microsoft SharePoint Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-34467
Microsoft SharePoint Server Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota de Microsoft SharePoint Server. Este ID de CVE es diferente de CVE-2021-34468, CVE-2021-34520 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34467 •
CVSS: 8.8EPSS: 2%CPEs: 3EXPL: 0CVE-2021-34520 – Microsoft SharePoint Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-34520
Microsoft SharePoint Server Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota de Microsoft SharePoint Server. Este ID de CVE es diferente de CVE-2021-34467, CVE-2021-34468 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability. The specific flaw exists within the Microsoft.SharePoint.WorkflowActions.SetVariableActivity class. A crafted SetVariableActivity element can result in instantiation of an arbitrary .NET type. An attacker can leverage this vulnerability to execute code in the context of the web service account. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34520 https://www.zerodayinitiative.com/advisories/ZDI-21-828 • CWE-502: Deserialization of Untrusted Data •
CVSS: 5.3EPSS: 23%CPEs: 3EXPL: 0CVE-2021-34519 – Microsoft SharePoint Server Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-34519
Microsoft SharePoint Server Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información de Microsoft SharePoint Server This vulnerability allows network-adjacent attackers to tamper with update data on affected installations of Microsoft SharePoint. User interaction is required to exploit this vulnerability. The specific flaw exists within the handling of SharePoint Help updates. The issue results from a missing integrity check on update downloads. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the service account. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34519 https://www.zerodayinitiative.com/advisories/ZDI-21-830 •