CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0CVE-2019-0831
https://notcve.org/view.php?id=CVE-2019-0831
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2019-0830. Se presenta una vulnerabilidad de tipo cross-site scripting (XSS) cuando Microsoft SharePoint Server no sanea apropiadamente una petición web especialmente creada para un servidor de SharePoint afectado, también se conoce como “Microsoft Office SharePoint XSS Vulnerability”. Este ID de CVE es diferente de CVE-2019-0830. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0831 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 4%CPEs: 4EXPL: 0CVE-2019-0594 – Microsoft SharePoint BDC Import Deserialization of Untrusted Data Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-0594
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0604. Existe una vulnerabilidad de ejecución remota de código en Microsoft SharePoint cuando el software no comprueba el marcado de origen de un paquete de una aplicación. Esto también se conoce como "Microsoft SharePoint Remote Code Execution Vulnerability". El ID de este CVE es diferente de CVE-2019-0604. • http://www.securityfocus.com/bid/106866 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0594 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 97%CPEs: 4EXPL: 5CVE-2019-0604 – Microsoft SharePoint Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-0604
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0594. Existe una vulnerabilidad de ejecución remota de código en Microsoft SharePoint cuando el software no comprueba el marcado de origen de un paquete de una aplicación. Esto también se conoce como "Microsoft SharePoint Remote Code Execution Vulnerability". El ID de este CVE es diferente de CVE-2019-0594. • https://www.exploit-db.com/exploits/48053 https://github.com/linhlhq/CVE-2019-0604 https://github.com/k8gege/CVE-2019-0604 https://github.com/boxhg/CVE-2019-0604 https://github.com/m5050/CVE-2019-0604 http://www.securityfocus.com/bid/106914 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0604 • CWE-20: Improper Input Validation •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2019-0562
https://notcve.org/view.php?id=CVE-2019-0562
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint. Existe una vulnerabilidad de elevación de privilegios cuando Microsoft SharePoint Server no sanea correctamente una petición web especialmente manipulada enviada a un servidor SharePoint afectado. Esto también se conoce como "Microsoft SharePoint Elevation of Privilege Vulnerability." Esto afecta a Microsoft SharePoint Server y Microsoft SharePoint. • http://www.securityfocus.com/bid/106400 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0562 •
CVSS: 9.3EPSS: 2%CPEs: 15EXPL: 0CVE-2018-8628 – Microsoft Office PowerPoint PPT File Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-8628
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint, Microsoft SharePoint, Microsoft PowerPoint Viewer, Office Online Server, Microsoft SharePoint Server. Existe una vulnerabilidad de ejecución remota de código en el software de Microsoft PowerPoint cuando no gestiona correctamente objetos en la memoria. Esto también se conoce como "Microsoft PowerPoint Remote Code Execution Vulnerability". Esto afecta a Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint, Microsoft SharePoint, Microsoft PowerPoint Viewer, Office Online Server y Microsoft SharePoint Server. • http://www.securityfocus.com/bid/106104 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8628 •