CVE-2022-35823 – Microsoft SharePoint Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-35823
Microsoft SharePoint Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota de Microsoft SharePoint This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of custom workflows. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the web service account. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35823 •
CVE-2022-29108 – Microsoft SharePoint Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-29108
Microsoft SharePoint Server Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota de Microsoft SharePoint Server This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of charts. Tampering with client-side data can trigger the deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the SharePoint web server process. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29108 •
CVE-2022-22005 – Microsoft SharePoint Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-22005
Microsoft SharePoint Server Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota en Microsoft SharePoint Server This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of charts. Tampering with client-side data can trigger the deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the SharePoint web server process. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22005 • CWE-502: Deserialization of Untrusted Data •
CVE-2022-21987 – Microsoft SharePoint Server Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2022-21987
Microsoft SharePoint Server Spoofing Vulnerability Una Vulnerabilidad de Suplantación de Identidad en Microsoft SharePoint Server • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21987 •
CVE-2022-21968 – Microsoft SharePoint Server Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2022-21968
Microsoft SharePoint Server Security Feature Bypass Vulnerability Una Vulnerabilidad de Omisión de Funcionalidades de Seguridad de Microsoft SharePoint Server • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21968 •