CVSS: 9.3EPSS: 33%CPEs: 15EXPL: 0CVE-2018-8628 – Microsoft Office PowerPoint PPT File Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-8628
12 Dec 2018 — A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint, Microsoft SharePoint, Microsoft PowerPoint Viewer, Office Online Server, Microsoft SharePoint Server. Existe una vulnerabilidad de ejecución remota de código en el software de Microsoft PowerPoint cuando no gestiona correctamente objet... • http://www.securityfocus.com/bid/106104 •
CVSS: 8.8EPSS: 11%CPEs: 3EXPL: 0CVE-2018-8635
https://notcve.org/view.php?id=CVE-2018-8635
12 Dec 2018 — An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted authentication request to an affected SharePoint server, aka "Microsoft SharePoint Server Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint. Existe una vulnerabilidad de elevación de privilegios de elevación de privilegios cuando Microsoft SharePoint Server no sanea correctamente una petición de autenticación especialmente manipula... • http://www.securityfocus.com/bid/106121 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-8650 – Microsoft Security Bulletin CVE Revision Increment for December, 2018
https://notcve.org/view.php?id=CVE-2018-8650
12 Dec 2018 — A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint. Existe una vulnerabilidad Cross-Site Scripting (XSS) cuando Microsoft SharePoint Server no sanea correctamente una petición web especialmente manipulada enviada a un servidor SharePoint afectado. Esto también se conoce como "Microsoft Office ShareP... • http://www.securityfocus.com/bid/106170 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2018-8568
https://notcve.org/view.php?id=CVE-2018-8568
14 Nov 2018 — An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint. This CVE ID is unique from CVE-2018-8572. Existe una vulnerabilidad de elevación de privilegios de elevación de privilegios cuando Microsoft SharePoint Server no sanea correctamente una petición web especialmen... • http://www.securityfocus.com/bid/105829 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2018-8572
https://notcve.org/view.php?id=CVE-2018-8572
14 Nov 2018 — An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint. This CVE ID is unique from CVE-2018-8568. Existe una vulnerabilidad de elevación de privilegios de elevación de privilegios cuando Microsoft SharePoint Server no sanea correctamente una petición web especialmen... • http://www.securityfocus.com/bid/105831 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2018-8488
https://notcve.org/view.php?id=CVE-2018-8488
10 Oct 2018 — An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint. This CVE ID is unique from CVE-2018-8480, CVE-2018-8498, CVE-2018-8518. Existe una vulnerabilidad de elevación de privilegios de elevación de privilegios cuando Microsoft SharePoint Server no sanea correctamente una petición web especialme... • http://www.securityfocus.com/bid/105494 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2018-8498
https://notcve.org/view.php?id=CVE-2018-8498
10 Oct 2018 — An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint. This CVE ID is unique from CVE-2018-8480, CVE-2018-8488, CVE-2018-8518. Existe una vulnerabilidad de elevación de privilegios de elevación de privilegios cuando Microsoft SharePoint Server no sanea correctamente una petición web especialme... • http://www.securityfocus.com/bid/105495 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.3EPSS: 16%CPEs: 12EXPL: 0CVE-2018-8504
https://notcve.org/view.php?id=CVE-2018-8504
10 Oct 2018 — A remote code execution vulnerability exists in Microsoft Word software when the software fails to properly handle objects in Protected View, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Microsoft SharePoint Server, Office 365 ProPlus, Microsoft Office, Microsoft Word. Existe una vulnerabilidad de ejecución remota de código en el software de Microsoft Word cuando no gestiona correctamente objetos en vista protegida. Esto también se conoce como "Microsoft Word Remote Code Execution ... • http://www.securityfocus.com/bid/105499 •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2018-8518
https://notcve.org/view.php?id=CVE-2018-8518
10 Oct 2018 — An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint. This CVE ID is unique from CVE-2018-8480, CVE-2018-8488, CVE-2018-8498. Existe una vulnerabilidad de elevación de privilegios de elevación de privilegios cuando Microsoft SharePoint Server no sanea correctamente una petición web especialme... • http://www.securityfocus.com/bid/105496 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2018-8428
https://notcve.org/view.php?id=CVE-2018-8428
13 Sep 2018 — An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint. This CVE ID is unique from CVE-2018-8431. Existe una vulnerabilidad de elevación de privilegios de elevación de privilegios cuando Microsoft SharePoint Server no sanea correctamente una petición web especialmente manipulada enviada a un se... • http://www.securityfocus.com/bid/105209 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •