Microsoft Project Server vulnerabilities

5 known vulnerabilities affecting microsoft/microsoft_project_server.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM4

Vulnerabilities

Page 1 of 1
CVE-2020-0954MEDIUMCVSS 5.4v2013 Service Pack 1 (64-bit edition)2020-04-15
CVE-2020-0954 [MEDIUM] CVE-2020-0954: A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an af A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0924, CVE-2020-0925, CVE-2020-0
cvelistv5
CVE-2018-8575HIGHCVSS 7.8v2013 Service Pack 1 (32-bit edition)v2013 Service Pack 1 (64-bit edition)2018-11-14
CVE-2018-8575 [HIGH] CVE-2018-8575: A remote code execution vulnerability exists in Microsoft Project software when it fails to properly A remote code execution vulnerability exists in Microsoft Project software when it fails to properly handle objects in memory, aka "Microsoft Project Remote Code Execution Vulnerability." This affects Microsoft Project, Office 365 ProPlus, Microsoft Project Server.
cvelistv5nvd
CVE-2018-8254MEDIUMCVSS 5.4v2010 Service Pack 22018-06-14
CVE-2018-8254 [MEDIUM] CVE-2018-8254: An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affec An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft Project Server, Microsoft SharePoint. This CVE ID
cvelistv5
CVE-2018-8252MEDIUMCVSS 5.4v2010 Service Pack 22018-06-14
CVE-2018-8252 [MEDIUM] CWE-79 CVE-2018-8252: An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sa An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint. This CVE ID is unique from CVE-2018-8254.
nvd
CVE-2018-8156MEDIUMCVSS 5.4v2010 Service Pack 2v2013 Service Pack 12018-05-09
CVE-2018-8156 [MEDIUM] CVE-2018-8156: An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affec An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint, Microsoft Project Server. This CVE ID
cvelistv5