Microsoft Sharepoint Server 2019 vulnerabilities

245 known vulnerabilities affecting microsoft/microsoft_sharepoint_server_2019.

Total CVEs

245

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL8HIGH155MEDIUM77LOW5

Vulnerabilities

Page 10 of 13

CVE-2021-1712HIGHCVSS 8.0≥ 16.0.0, < publication2021-01-12

CVE-2021-1712 [HIGH] CWE-269 CVE-2021-1712: Microsoft SharePoint Elevation of Privilege Vulnerability Microsoft SharePoint Elevation of Privilege Vulnerability

nvd

CVE-2021-1707HIGHCVSS 8.8≥ 16.0.0, < publication2021-01-12

CVE-2021-1707 [HIGH] CVE-2021-1707: Microsoft SharePoint Server Remote Code Execution Vulnerability Microsoft SharePoint Server Remote Code Execution Vulnerability

nvd

CVE-2021-1719HIGHCVSS 8.0≥ 16.0.0, < publication2021-01-12

CVE-2021-1719 [HIGH] CWE-269 CVE-2021-1719: Microsoft SharePoint Elevation of Privilege Vulnerability Microsoft SharePoint Elevation of Privilege Vulnerability

nvd

CVE-2021-1715HIGHCVSS 7.8≥ 16.0.0, < publication2021-01-12

CVE-2021-1715 [HIGH] CWE-787 CVE-2021-1715: Microsoft Word Remote Code Execution Vulnerability Microsoft Word Remote Code Execution Vulnerability

nvd

CVE-2021-1717MEDIUMCVSS 5.4≥ 16.0.0, < publication2021-01-12

CVE-2021-1717 [MEDIUM] CVE-2021-1717: Microsoft SharePoint Server Spoofing Vulnerability Microsoft SharePoint Server Spoofing Vulnerability

nvd

CVE-2021-1641MEDIUMCVSS 5.4≥ 16.0.0, < publication2021-01-12

CVE-2021-1641 [MEDIUM] CVE-2021-1641: Microsoft SharePoint Server Spoofing Vulnerability Microsoft SharePoint Server Spoofing Vulnerability

nvd

CVE-2020-17118CRITICALCVSS 9.8≥ 16.0.0, < publication2020-12-10

CVE-2020-17118 [CRITICAL] CVE-2020-17118: Microsoft SharePoint Remote Code Execution Vulnerability Microsoft SharePoint Remote Code Execution Vulnerability

nvd

CVE-2020-17089HIGHCVSS 8.0≥ 16.0.0, < publication2020-12-10

CVE-2020-17089 [HIGH] CVE-2020-17089: Microsoft SharePoint Elevation of Privilege Vulnerability Microsoft SharePoint Elevation of Privilege Vulnerability

nvd

CVE-2020-17115HIGHCVSS 8.0≥ 16.0.0, < publication2020-12-10

CVE-2020-17115 [HIGH] CVE-2020-17115: Microsoft SharePoint Server Spoofing Vulnerability Microsoft SharePoint Server Spoofing Vulnerability

nvd

CVE-2020-17121HIGHCVSS 8.8≥ 16.0.0, < publication2020-12-10

CVE-2020-17121 [HIGH] CVE-2020-17121: Microsoft SharePoint Remote Code Execution Vulnerability Microsoft SharePoint Remote Code Execution Vulnerability

nvd

CVE-2020-17120MEDIUMCVSS 6.5≥ 16.0.0, < publication2020-12-10

CVE-2020-17120 [MEDIUM] CVE-2020-17120: Microsoft SharePoint Information Disclosure Vulnerability Microsoft SharePoint Information Disclosure Vulnerability

nvd

CVE-2020-17016HIGHCVSS 8.8≥ 16.0.0, < publication2020-11-11

CVE-2020-17016 [HIGH] CVE-2020-17016: Microsoft SharePoint Server Spoofing Vulnerability Microsoft SharePoint Server Spoofing Vulnerability

nvd

CVE-2020-17061HIGHCVSS 8.8≥ 16.0.0, < publication2020-11-11

CVE-2020-17061 [HIGH] CVE-2020-17061: Microsoft SharePoint Remote Code Execution Vulnerability Microsoft SharePoint Remote Code Execution Vulnerability

nvd

CVE-2020-17017MEDIUMCVSS 6.5≥ 16.0.0, < publication2020-11-11

CVE-2020-17017 [MEDIUM] CVE-2020-17017: Microsoft SharePoint Information Disclosure Vulnerability Microsoft SharePoint Information Disclosure Vulnerability

nvd

CVE-2020-17015MEDIUMCVSS 6.5≥ 16.0.0, < publication2020-11-11

CVE-2020-17015 [MEDIUM] CVE-2020-17015: Microsoft SharePoint Server Spoofing Vulnerability Microsoft SharePoint Server Spoofing Vulnerability

nvd

CVE-2020-17060MEDIUMCVSS 5.4≥ 16.0.0, < publication2020-11-11

CVE-2020-17060 [MEDIUM] CVE-2020-17060: Microsoft SharePoint Server Spoofing Vulnerability Microsoft SharePoint Server Spoofing Vulnerability

nvd

CVE-2020-16979MEDIUMCVSS 6.5≥ 16.0.0, < publication2020-11-11

CVE-2020-16979 [MEDIUM] CVE-2020-16979: Microsoft SharePoint Information Disclosure Vulnerability Microsoft SharePoint Information Disclosure Vulnerability

nvd

CVE-2020-16951HIGHCVSS 7.8≥ 16.0.0, < publication2020-10-16

CVE-2020-16951 [HIGH] CWE-346 CVE-2020-16951: <p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to c A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account. Exploitation of this vulnerability

nvd

CVE-2020-16952HIGHCVSS 7.8PoC≥ 16.0.0, < publication2020-10-16

CVE-2020-16952 [HIGH] CWE-346 CVE-2020-16952: <p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to c A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account. Exploitation of this vulnerability

nvd

CVE-2020-16944MEDIUMCVSS 5.4≥ 16.0.0, < publication2020-10-16

CVE-2020-16944 [MEDIUM] CWE-79 CVE-2020-16944: <p>This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafte This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server. An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successfully exploited this vulnerability could then perform c

nvd

← Previous10 / 13Next →