CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2020-0893
https://notcve.org/view.php?id=CVE-2020-0893
12 Mar 2020 — A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0894. Existe una vulnerabilidad de tipo cross-site-scripting (XSS) cuando Microsoft SharePoint Server no sanea apropiadamente una petición web especialmente diseñada en un servidor SharePoint afectado, también se conoce como "Microsoft Office Shar... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0893 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2020-0891
https://notcve.org/view.php?id=CVE-2020-0891
12 Mar 2020 — This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server, aka 'Microsoft SharePoint Reflective XSS Vulnerability'. This CVE ID is unique from CVE-2020-0795. Esta vulnerabilidad es causada cuando SharePoint Server no sanea apropiadamente una petición especialmente diseñada en un servidor SharePoint... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0891 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 33%CPEs: 12EXPL: 0CVE-2020-0850
https://notcve.org/view.php?id=CVE-2020-0850
12 Mar 2020 — A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0851, CVE-2020-0852, CVE-2020-0855, CVE-2020-0892. Existe una vulnerabilidad de ejecución de código remota en el software Microsoft Word cuando tiene un fallo al manejar apropiadamente objetos en memoria, también se conoce como "Microsoft Word Remote Code Execution Vulnerability"'. Este ID de ... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0850 •
CVSS: 5.4EPSS: 1%CPEs: 3EXPL: 0CVE-2020-0694
https://notcve.org/view.php?id=CVE-2020-0694
11 Feb 2020 — A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0693. Se presenta una vulnerabilidad de tipo cross-site-scripting (XSS) cuando Microsoft SharePoint Server no sanea apropiadamente una petición web especialmente diseñada para un servidor SharePoint afectado, también se conoce como "Microsoft Offi... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0694 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2020-0693
https://notcve.org/view.php?id=CVE-2020-0693
11 Feb 2020 — A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0694. Se presenta una vulnerabilidad de tipo cross-site-scripting (XSS) cuando Microsoft SharePoint Server no sanea apropiadamente una petición web especialmente diseñada para un servidor SharePoint afectado, también se conoce como "Microsoft Offi... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0693 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 6%CPEs: 16EXPL: 0CVE-2019-1446
https://notcve.org/view.php?id=CVE-2019-1446
12 Nov 2019 — An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'. Se presenta una vulnerabilidad de divulgación de información cuando Microsoft Excel divulga inapropiadamente el contenido de su memoria, también se conoce como "Microsoft Excel Information Disclosure Vulnerability". • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1446 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 15%CPEs: 4EXPL: 0CVE-2019-1443
https://notcve.org/view.php?id=CVE-2019-1443
12 Nov 2019 — An information disclosure vulnerability exists in Microsoft SharePoint when an attacker uploads a specially crafted file to the SharePoint Server.An authenticated attacker who successfully exploited this vulnerability could potentially leverage SharePoint functionality to obtain SMB hashes.The security update addresses the vulnerability by correcting how SharePoint checks file content., aka 'Microsoft SharePoint Information Disclosure Vulnerability'. Se presenta una vulnerabilidad de divulgación de informac... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1443 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.5EPSS: 12%CPEs: 3EXPL: 0CVE-2019-1330
https://notcve.org/view.php?id=CVE-2019-1330
10 Oct 2019 — An elevation of privilege vulnerability exists in Microsoft SharePoint, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1329. Se presenta una vulnerabilidad de elevación de privilegios en Microsoft SharePoint, también se conoce como "Microsoft SharePoint Elevation of Privilege Vulnerability". Este ID de CVE es diferente de CVE-2019-1329. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1330 •
CVSS: 6.5EPSS: 11%CPEs: 4EXPL: 0CVE-2019-1260
https://notcve.org/view.php?id=CVE-2019-1260
11 Sep 2019 — An elevation of privilege vulnerability exists in Microsoft SharePoint, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'. Se presenta una vulnerabilidad de elevación de privilegios en Microsoft SharePoint, también se conoce como "Microsoft SharePoint Elevation of Privilege Vulnerability". • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1260 •
CVSS: 8.8EPSS: 5%CPEs: 3EXPL: 0CVE-2019-1261
https://notcve.org/view.php?id=CVE-2019-1261
11 Sep 2019 — A spoofing vulnerability exists in Microsoft SharePoint when it improperly handles requests to authorize applications, resulting in cross-site request forgery (CSRF).To exploit this vulnerability, an attacker would need to create a page specifically designed to cause a cross-site request, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-1259. Se presenta una vulnerabilidad de suplantación de identidad en Microsoft SharePoint cuando maneja inapropiadamente peticiones par... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1261 • CWE-352: Cross-Site Request Forgery (CSRF) •