Total
457 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-17122 | 1 Microsoft | 3 Office, Office Web Apps, Sharepoint Server | 2025-08-28 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Excel Remote Code Execution Vulnerability | |||||
| CVE-2020-17121 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2025-08-28 | 6.5 MEDIUM | 8.8 HIGH |
| Microsoft SharePoint Remote Code Execution Vulnerability | |||||
| CVE-2020-17120 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2025-08-28 | 4.0 MEDIUM | 5.3 MEDIUM |
| Microsoft SharePoint Information Disclosure Vulnerability | |||||
| CVE-2020-17118 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2025-08-28 | 10.0 HIGH | 8.1 HIGH |
| Microsoft SharePoint Remote Code Execution Vulnerability | |||||
| CVE-2020-17115 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2025-08-28 | 6.0 MEDIUM | 8.0 HIGH |
| Microsoft SharePoint Server Spoofing Vulnerability | |||||
| CVE-2020-17089 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2025-08-28 | 6.0 MEDIUM | 7.1 HIGH |
| Microsoft SharePoint Elevation of Privilege Vulnerability | |||||
| CVE-2025-53736 | 1 Microsoft | 6 365 Apps, Office, Office Long Term Servicing Channel and 3 more | 2025-08-18 | N/A | 6.8 MEDIUM |
| Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | |||||
| CVE-2025-53733 | 1 Microsoft | 6 365 Apps, Office, Office Long Term Servicing Channel and 3 more | 2025-08-18 | N/A | 8.4 HIGH |
| Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-49712 | 1 Microsoft | 1 Sharepoint Server | 2025-08-15 | N/A | 8.8 HIGH |
| Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | |||||
| CVE-2025-53760 | 1 Microsoft | 1 Sharepoint Server | 2025-08-15 | N/A | 7.1 HIGH |
| Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network. | |||||
| CVE-2025-53771 | 1 Microsoft | 1 Sharepoint Server | 2025-08-14 | N/A | 6.5 MEDIUM |
| Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network. | |||||
| CVE-2025-49703 | 1 Microsoft | 5 365 Apps, Office, Office Long Term Servicing Channel and 2 more | 2025-07-16 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-49701 | 1 Microsoft | 1 Sharepoint Server | 2025-07-15 | N/A | 8.8 HIGH |
| Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | |||||
| CVE-2025-29794 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Server | 2025-07-09 | N/A | 8.8 HIGH |
| Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | |||||
| CVE-2025-29793 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Server | 2025-07-09 | N/A | 7.2 HIGH |
| Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | |||||
| CVE-2025-26642 | 1 Microsoft | 7 365 Apps, Access, Excel and 4 more | 2025-07-09 | N/A | 7.8 HIGH |
| Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-47168 | 1 Microsoft | 6 365 Apps, Office, Office Long Term Servicing Channel and 3 more | 2025-07-09 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||||
| CVE-2025-47166 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Server | 2025-07-09 | N/A | 8.8 HIGH |
| Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | |||||
| CVE-2025-47163 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Server | 2025-07-09 | N/A | 8.8 HIGH |
| Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | |||||
| CVE-2025-27747 | 1 Microsoft | 6 365 Apps, Office, Office Long Term Servicing Channel and 3 more | 2025-07-09 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||||