Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Sharepoint_server
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 439 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-07-20 | CVE-2025-53770 | Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network. Microsoft is aware that an exploit for CVE-2025-53770 exists in the wild. Microsoft is preparing and fully testing a comprehensive update to address this vulnerability. In the meantime, please make sure that the mitigation provided in this CVE documentation is in place so that you are protected from exploitation. | Sharepoint_server | N/A | ||
| 2025-07-08 | CVE-2025-49704 | Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | Sharepoint_server | N/A | ||
| 2025-07-08 | CVE-2025-49706 | Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network. | Sharepoint_enterprise_server, Sharepoint_server | 6.5 | ||
| 2025-07-08 | CVE-2025-49703 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | 365_apps, Office, Office_long_term_servicing_channel, Sharepoint_server, Word | N/A | ||
| 2025-07-08 | CVE-2025-49701 | Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | Sharepoint_server | 8.8 | ||
| 2025-04-08 | CVE-2025-26642 | Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally. | 365_apps, Access, Excel, Office, Office_long_term_servicing_channel, Office_online_server, Sharepoint_server | N/A | ||
| 2025-04-08 | CVE-2025-26642 | Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally. | 365_apps, Access, Excel, Office, Office_long_term_servicing_channel, Office_online_server, Sharepoint_server | N/A | ||
| 2025-04-08 | CVE-2025-27746 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | 365_apps, Office, Office_long_term_servicing_channel, Office_online_server, Sharepoint_server | N/A | ||
| 2025-04-08 | CVE-2025-27746 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | 365_apps, Office, Office_long_term_servicing_channel, Office_online_server, Sharepoint_server | N/A | ||
| 2025-04-08 | CVE-2025-27747 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | 365_apps, Office, Office_long_term_servicing_channel, Sharepoint_enterprise_server, Sharepoint_server, Word | N/A |