Microsoft Sharepoint Server 2019 vulnerabilities
245 known vulnerabilities affecting microsoft/microsoft_sharepoint_server_2019.
Total CVEs
245
CISA KEV
8
actively exploited
Public exploits
11
Exploited in wild
5
Severity breakdown
CRITICAL8HIGH155MEDIUM77LOW5
Vulnerabilities
Page 13 of 13
CVE-2019-1035HIGHCVSS 7.8≥ 16.0.0, < publication2019-06-12
CVE-2019-1035 [HIGH] CVE-2019-1035: A remote code execution vulnerability exists in Microsoft Word software when it fails to properly ha
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with
nvd
CVE-2019-1032MEDIUMCVSS 5.4≥ 16.0.0, < publication2019-06-12
CVE-2019-1032 [MEDIUM] CWE-79 CVE-2019-1032: A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
The attacker who successfully exploited the vul
nvd
CVE-2019-1033MEDIUMCVSS 5.4≥ 16.0.0, < publication2019-06-12
CVE-2019-1033 [MEDIUM] CWE-79 CVE-2019-1033: A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
The attacker who successfully exploited the vul
nvd
CVE-2019-1036MEDIUMCVSS 5.4≥ 16.0.0, < publication2019-06-12
CVE-2019-1036 [MEDIUM] CWE-79 CVE-2019-1036: A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
The attacker who successfully exploited the vul
nvd
CVE-2019-1031MEDIUMCVSS 5.4≥ 16.0.0, < publication2019-06-12
CVE-2019-1031 [MEDIUM] CWE-79 CVE-2019-1031: A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
The attacker who successfully exploited the vul
nvd
← Previous13 / 13