CVSS: 5.7EPSS: 0%CPEs: 2EXPL: 0CVE-2019-0949
https://notcve.org/view.php?id=CVE-2019-0949
16 May 2019 — A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-0950, CVE-2019-0951. Existe una vulnerabilidad de suplantación de identidad cuando Microsoft SharePoint Server no hace un saneamiento de manera correcta de una solicitud web especialmente creada para un servidor de SharePoint afectado, también se conoce como 'Microso... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0949 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2019-0830
https://notcve.org/view.php?id=CVE-2019-0830
09 Apr 2019 — A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2019-0831. Se presenta una vulnerabilidad de tipo cross-site scripting (XSS) cuando Microsoft SharePoint Server no sanea apropiadamente una petición web especialmente creada para un servidor de SharePoint afectado, también se conoce como “Microsoft Off... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0830 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0CVE-2019-0831
https://notcve.org/view.php?id=CVE-2019-0831
09 Apr 2019 — A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2019-0830. Se presenta una vulnerabilidad de tipo cross-site scripting (XSS) cuando Microsoft SharePoint Server no sanea apropiadamente una petición web especialmente creada para un servidor de SharePoint afectado, también se conoce como “Microsoft Off... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0831 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2019-0778
https://notcve.org/view.php?id=CVE-2019-0778
09 Apr 2019 — A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. Se presenta una vulnerabilidad de tipo cross-site-scripting (XSS) cuando Microsoft SharePoint Server no sanea apropiadamente una petición web especialmente creada para un servidor de SharePoint afectado, también se conoce como “Microsoft Office SharePoint XSS Vulnerability”. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0778 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2019-0670
https://notcve.org/view.php?id=CVE-2019-0670
05 Mar 2019 — A spoofing vulnerability exists in Microsoft SharePoint when the application does not properly parse HTTP content, aka 'Microsoft SharePoint Spoofing Vulnerability'. Existe una vulnerabilidad de suplantación en Microsoft SharePoint cuando la aplicación no analiza de manera correcta el contenido HTTP. Esto también se conoce como "Microsoft SharePoint Spoofing Vulnerability". • http://www.securityfocus.com/bid/106900 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 9%CPEs: 4EXPL: 0CVE-2019-0594 – Microsoft SharePoint BDC Import Deserialization of Untrusted Data Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-0594
12 Feb 2019 — A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0604. Existe una vulnerabilidad de ejecución remota de código en Microsoft SharePoint cuando el software no comprueba el marcado de origen de un paquete de una aplicación. Esto también se conoce como "Microsoft SharePoint Remote Code Execution Vulnerability". El ID... • http://www.securityfocus.com/bid/106866 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 96%CPEs: 4EXPL: 8CVE-2019-0604 – Microsoft SharePoint Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-0604
12 Feb 2019 — A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0594. Existe una vulnerabilidad de ejecución remota de código en Microsoft SharePoint cuando el software no comprueba el marcado de origen de un paquete de una aplicación. Esto también se conoce como "Microsoft SharePoint Remote Code Execution Vulnerability". El ID... • https://www.exploit-db.com/exploits/48053 • CWE-20: Improper Input Validation •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2018-8572
https://notcve.org/view.php?id=CVE-2018-8572
14 Nov 2018 — An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint. This CVE ID is unique from CVE-2018-8568. Existe una vulnerabilidad de elevación de privilegios de elevación de privilegios cuando Microsoft SharePoint Server no sanea correctamente una petición web especialmen... • http://www.securityfocus.com/bid/105831 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 1%CPEs: 3EXPL: 0CVE-2018-8568
https://notcve.org/view.php?id=CVE-2018-8568
14 Nov 2018 — An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint. This CVE ID is unique from CVE-2018-8572. Existe una vulnerabilidad de elevación de privilegios de elevación de privilegios cuando Microsoft SharePoint Server no sanea correctamente una petición web especialmen... • http://www.securityfocus.com/bid/105829 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 1%CPEs: 3EXPL: 0CVE-2018-8299
https://notcve.org/view.php?id=CVE-2018-8299
11 Jul 2018 — An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint. This CVE ID is unique from CVE-2018-8323. Existe una vulnerabilidad de elevación de privilegios de elevación de privilegios cuando Microsoft SharePoint Server no sanea correctamente una petición web especialmente manipulada enviada a un se... • http://www.securityfocus.com/bid/104610 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •