CVSS: 9.8EPSS: 97%CPEs: 4EXPL: 5CVE-2019-0604 – Microsoft SharePoint Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-0604
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0594. Existe una vulnerabilidad de ejecución remota de código en Microsoft SharePoint cuando el software no comprueba el marcado de origen de un paquete de una aplicación. Esto también se conoce como "Microsoft SharePoint Remote Code Execution Vulnerability". El ID de este CVE es diferente de CVE-2019-0594. • https://www.exploit-db.com/exploits/48053 https://github.com/linhlhq/CVE-2019-0604 https://github.com/k8gege/CVE-2019-0604 https://github.com/boxhg/CVE-2019-0604 https://github.com/m5050/CVE-2019-0604 http://www.securityfocus.com/bid/106914 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0604 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 20%CPEs: 4EXPL: 0CVE-2019-0594 – Microsoft SharePoint BDC Import Deserialization of Untrusted Data Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-0594
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0604. Existe una vulnerabilidad de ejecución remota de código en Microsoft SharePoint cuando el software no comprueba el marcado de origen de un paquete de una aplicación. Esto también se conoce como "Microsoft SharePoint Remote Code Execution Vulnerability". El ID de este CVE es diferente de CVE-2019-0604. • http://www.securityfocus.com/bid/106866 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0594 • CWE-20: Improper Input Validation •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2018-8572
https://notcve.org/view.php?id=CVE-2018-8572
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint. This CVE ID is unique from CVE-2018-8568. Existe una vulnerabilidad de elevación de privilegios de elevación de privilegios cuando Microsoft SharePoint Server no sanea correctamente una petición web especialmente manipulada enviada a un servidor SharePoint afectado. Esto también se conoce como "Microsoft SharePoint Elevation of Privilege Vulnerability." • http://www.securityfocus.com/bid/105831 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8572 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2018-8568
https://notcve.org/view.php?id=CVE-2018-8568
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint. This CVE ID is unique from CVE-2018-8572. Existe una vulnerabilidad de elevación de privilegios de elevación de privilegios cuando Microsoft SharePoint Server no sanea correctamente una petición web especialmente manipulada enviada a un servidor SharePoint afectado. Esto también se conoce como "Microsoft SharePoint Elevation of Privilege Vulnerability." • http://www.securityfocus.com/bid/105829 http://www.securitytracker.com/id/1042136 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8568 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2018-8299
https://notcve.org/view.php?id=CVE-2018-8299
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint. This CVE ID is unique from CVE-2018-8323. Existe una vulnerabilidad de elevación de privilegios de elevación de privilegios cuando Microsoft SharePoint Server no sanea correctamente una petición web especialmente manipulada enviada a un servidor SharePoint afectado. Esto también se conoce como "Microsoft SharePoint Elevation of Privilege Vulnerability." • http://www.securityfocus.com/bid/104610 http://www.securitytracker.com/id/1041261 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8299 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •