Page 15 of 341 results (0.006 seconds)

CVSS: 8.8EPSS: 4%CPEs: 4EXPL: 0

Microsoft SharePoint Server Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota de Microsoft SharePoint Server This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of InfoPath attachments. Tampering with client-side data can trigger the deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the SharePoint web server process. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27076 https://www.zerodayinitiative.com/advisories/ZDI-21-276 •

CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 0

Microsoft SharePoint Server Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota de Microsoft SharePoint Server • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24072 •

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0

Microsoft SharePoint Information Disclosure Vulnerability Una Vulnerabilidad de Divulgación de Información de Microsoft SharePoint • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24071 •

CVSS: 8.0EPSS: 0%CPEs: 23EXPL: 0

Microsoft SharePoint Server Spoofing Vulnerability Una Vulnerabilidad de Suplantación de Identidad de Microsoft SharePoint • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1726 •

CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0

Microsoft SharePoint Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota de Microsoft SharePoint This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the SPWorkflowDataSourceView class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the SharePoint service at high integrity. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24066 • CWE-502: Deserialization of Untrusted Data •