CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2019-0558
https://notcve.org/view.php?id=CVE-2019-0558
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint, Microsoft Business Productivity Servers. This CVE ID is unique from CVE-2019-0556, CVE-2019-0557. Existe una vulnerabilidad de Cross-Site Scripting (XSS) cuando Microsoft SharePoint Server no sanea correctamente una petición web especialmente manipulada enviada a un servidor SharePoint afectado. Esto también se conoce como "Microsoft Office SharePoint XSS Vulnerability". • http://www.securityfocus.com/bid/106389 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0558 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2019-0562
https://notcve.org/view.php?id=CVE-2019-0562
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint. Existe una vulnerabilidad de elevación de privilegios cuando Microsoft SharePoint Server no sanea correctamente una petición web especialmente manipulada enviada a un servidor SharePoint afectado. Esto también se conoce como "Microsoft SharePoint Elevation of Privilege Vulnerability." Esto afecta a Microsoft SharePoint Server y Microsoft SharePoint. • http://www.securityfocus.com/bid/106400 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0562 •
CVSS: 9.3EPSS: 25%CPEs: 16EXPL: 0CVE-2019-0585 – Microsoft Office Word wwlib Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-0585
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft SharePoint, Microsoft Office Online Server, Microsoft Word, Microsoft SharePoint Server. Existe una vulnerabilidad de ejecución remota de código en el software de Microsoft Word cuando no gestiona correctamente objetos en la memoria. Esto también se conoce como "Microsoft Word Remote Code Execution Vulnerability". Esto afecta a Word, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft SharePoint, Microsoft Office Online Server, Microsoft Word y Microsoft SharePoint Server. • http://www.securityfocus.com/bid/106392 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0585 •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2018-8650
https://notcve.org/view.php?id=CVE-2018-8650
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint. Existe una vulnerabilidad Cross-Site Scripting (XSS) cuando Microsoft SharePoint Server no sanea correctamente una petición web especialmente manipulada enviada a un servidor SharePoint afectado. Esto también se conoce como "Microsoft Office SharePoint XSS Vulnerability". Esto afecta a Microsoft SharePoint. • http://www.securityfocus.com/bid/106170 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8650 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2018-8635
https://notcve.org/view.php?id=CVE-2018-8635
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted authentication request to an affected SharePoint server, aka "Microsoft SharePoint Server Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint. Existe una vulnerabilidad de elevación de privilegios de elevación de privilegios cuando Microsoft SharePoint Server no sanea correctamente una petición de autenticación especialmente manipulada enviada a un servidor SharePoint afectado. Esto también se conoce como "Microsoft SharePoint Elevation of Privilege Vulnerability." Esto afecta a Microsoft SharePoint Server y Microsoft SharePoint. • http://www.securityfocus.com/bid/106121 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8635 • CWE-20: Improper Input Validation •