Download
| Alert*
oval:org.secpod.oval:def:36403
Microsoft SharePoint Server 2016 is installed oval:org.secpod.oval:def:43490 The host is missing a critical security update 4011642 oval:org.secpod.oval:def:43436 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:43437 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:42123 The host is missing an important security update KB4011127 oval:org.secpod.oval:def:44600 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:44601 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:44602 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly verify tenant permissions. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successfully exploited the ... oval:org.secpod.oval:def:43881 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:43880 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:54662 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:54663 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:58903 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:58904 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:54665 A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls. An authenticated attacker who successfully exploited the vulnerability could use a specially crafted page to perform actions in the security context ... oval:org.secpod.oval:def:58901 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:54734 The host is missing an important security update for KB4464549 oval:org.secpod.oval:def:44951 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:44954 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted URL to a user of an affected SharePoin ... oval:org.secpod.oval:def:51371 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:44960 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:44961 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:50692 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:50694 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:51426 The host is missing a security update 4462211 oval:org.secpod.oval:def:47481 The host is missing an important security update 4092459 oval:org.secpod.oval:def:46039 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:46040 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:50790 The host is missing an important security update for KB4462155 oval:org.secpod.oval:def:43903 The host is missing an important security update for KB4011680 oval:org.secpod.oval:def:46060 The host is missing an important security update for KB4022173 oval:org.secpod.oval:def:45026 The host is missing an important security update for KB4018336 oval:org.secpod.oval:def:46358 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:46359 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:45390 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:45391 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:46363 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:45397 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:47466 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:47469 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:47465 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:46429 The host is missing an important security update for KB4022228 oval:org.secpod.oval:def:54127 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:54126 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:42394 The host is missing an important security update KB4011217 oval:org.secpod.oval:def:58980 The host is missing an important security update for KB4484111 oval:org.secpod.oval:def:44588 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:44589 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:44590 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:44595 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:44596 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:44598 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:44591 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:44592 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:44593 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:44594 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:45452 The host is missing an important security update for KB4018381 oval:org.secpod.oval:def:54212 The host is missing an important security update for KB4464510 oval:org.secpod.oval:def:43446 A cross-site-scripting (XSS) vulnerability exists when Microsoft Access does not properly sanitize inputs to image fields edited within Design view. An attacker could exploit the vulnerability by sending a specially crafted file to a victim, or by hosting the file on a web server. The attacker who s ... oval:org.secpod.oval:def:44661 The host is missing a security update 4018293 oval:org.secpod.oval:def:54668 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:50693 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:43171 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:43197 The host is missing an important security update KB4011576 oval:org.secpod.oval:def:59699 The host is missing an important security update for KB4484143 oval:org.secpod.oval:def:58905 An elevation of privilege vulnerability exists in Microsoft SharePoint. An attacker who successfully exploited this vulnerability could attempt to impersonate another user of the SharePoint server. To exploit this vulnerability, an authenticated attacker would send a specially crafted request to an ... oval:org.secpod.oval:def:55355 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:55353 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:55354 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:55358 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:42757 The host is missing a moderate severity security update KB4011244 oval:org.secpod.oval:def:42731 An elevation of privilege vulnerability exists in Microsoft Project when Microsoft Project Server does not properly manage user sessions. For this Cross-site Request Forgery(CSRF/XSRF) vulnerability to be exploited, the victim must be authenticated to (logged on) the target site. In a web-based atta ... oval:org.secpod.oval:def:58526 The host is missing a critical security update for KB4475590 oval:org.secpod.oval:def:58433 An elevation of privilege vulnerability exists in Microsoft SharePoint. An attacker who successfully exploited this vulnerability could attempt to impersonate another user of the SharePoint server. To exploit this vulnerability, an authenticated attacker would send a specially crafted request to an ... oval:org.secpod.oval:def:58434 A spoofing vulnerability exists in Microsoft SharePoint when it improperly handles requests to authorize applications, resulting in cross-site request forgery (CSRF). To exploit this vulnerability, an attacker would need to create a page specifically designed to cause a cross-site request. The attac ... oval:org.secpod.oval:def:58431 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:58438 A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account ... oval:org.secpod.oval:def:58439 A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account ... oval:org.secpod.oval:def:58524 The host is missing an important security update 4475594 oval:org.secpod.oval:def:42094 The host is missing an important security update KB3213560 oval:org.secpod.oval:def:54667 An information disclosure vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:47956 The host is missing an important security update for KB4461447 oval:org.secpod.oval:def:47919 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:47918 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:47920 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:50060 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:50064 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:64212 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:64333 The host is missing a critical security update 4484440 oval:org.secpod.oval:def:41221 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:49069 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:64202 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:64203 A remote code execution vulnerability exists in the way Microsoft SharePoint software parses specially crafted email messages. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the system user. An attacker could then install programs; view, change, ... oval:org.secpod.oval:def:64209 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:49070 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:64210 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:64211 This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server. An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successful ... oval:org.secpod.oval:def:41234 The host is missing an important security update KB3213544 oval:org.secpod.oval:def:62495 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:62494 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:61279 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:61277 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:64200 A remote code execution vulnerability exists in PerformancePoint Services for SharePoint Server when the software fails to check the source markup of XML file input. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the process responsible for deseri ... oval:org.secpod.oval:def:62499 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:62498 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:62497 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:62496 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:63640 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:63641 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:63642 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted authentication request to an affected SharePoint server. An attacker who successfully exploited this vulnerability could execute malicious code on a vulnerable server in the ... oval:org.secpod.oval:def:63643 A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls. An authenticated attacker who successfully exploited the vulnerability could use a specially crafted page to perform actions in the security context ... oval:org.secpod.oval:def:63644 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:40522 The host is missing an important security update KB3191880 oval:org.secpod.oval:def:63649 An elevation of privilege vulnerability exists in Microsoft SharePoint. An attacker who successfully exploited this vulnerability could attempt to impersonate another user of the SharePoint server. To exploit this vulnerability, an authenticated attacker would send a specially crafted request to an ... oval:org.secpod.oval:def:63650 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:40531 The host is missing an important security update KB3191913 oval:org.secpod.oval:def:61345 The host is missing an important security update for KB4484255 oval:org.secpod.oval:def:63651 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:63652 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:63653 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:63776 The host is missing an important security update for KB4484402 oval:org.secpod.oval:def:63656 An open redirect vulnerability exists in Microsoft SharePoint that could lead to spoofing. To exploit the vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link. When an authenticated SharePoint user clicks the link, the authenticated us ... oval:org.secpod.oval:def:49135 The host is missing an important security update for KB4461501 oval:org.secpod.oval:def:62509 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:62508 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:62505 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:62504 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:62503 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:62502 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:62501 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:62500 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:62514 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:62513 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:62512 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:62511 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:62510 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:40984 This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successfull ... oval:org.secpod.oval:def:40512 The host is missing an important security update KB3162040 oval:org.secpod.oval:def:40517 The host is missing an important security update KB3191839 oval:org.secpod.oval:def:57251 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:61930 The host is missing an important security update for KB4484272 oval:org.secpod.oval:def:49707 An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks (a variant of cross-site request forgery, CSRF). When users are simultaneously logged in to Microsoft SharePoint Server and visit a mal ... oval:org.secpod.oval:def:61829 This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server. An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successful ... oval:org.secpod.oval:def:49713 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted authentication request to an affected SharePoint server. An attacker who successfully exploited this vulnerability could execute malicious code on a vulnerable server in the ... oval:org.secpod.oval:def:49715 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:61837 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:61836 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:61834 This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server. An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successful ... oval:org.secpod.oval:def:49721 The host is missing an important security update for KB4011680 oval:org.secpod.oval:def:49727 The host is missing an important security update for KB4461541 oval:org.secpod.oval:def:57352 The host is missing an important security update for KB4475520 oval:org.secpod.oval:def:63089 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:63088 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:63087 An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks (a variant of cross-site request forgery, CSRF). When users are simultaneously logged in to Microsoft SharePoint Server and visit a mal ... oval:org.secpod.oval:def:63086 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:63085 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:63084 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:63083 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:63082 A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls. An authenticated attacker who successfully exploited the vulnerability could use a specially crafted page to perform actions in the security context ... oval:org.secpod.oval:def:63081 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:63080 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:63091 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:41019 The host is missing a moderate severity security update KB3203458 oval:org.secpod.oval:def:57962 The host is missing a critical security update for KB4475549 oval:org.secpod.oval:def:41022 The host is missing an important security update KB3203384 oval:org.secpod.oval:def:41023 The host is missing a moderate severity security update KB3203430 oval:org.secpod.oval:def:41020 The host is missing a moderate severity security update KB3203432 oval:org.secpod.oval:def:41021 The host is missing an important security update KB3203390 oval:org.secpod.oval:def:41024 The host is missing an important security update KB3172445 oval:org.secpod.oval:def:57864 An information disclosure vulnerability exists in the way Microsoft SharePoint handles session objects. A locally authenticated attacker who successfully exploited the vulnerability could hijack the session of another user. To exploit this vulnerability, the attacker could run a specially crafted ap ... oval:org.secpod.oval:def:57865 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:62609 The host is missing an important security update for KB4484299 oval:org.secpod.oval:def:50059 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:55449 The host is missing an important security update for KB4464594 oval:org.secpod.oval:def:62507 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:40981 A remote code execution vulnerability exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Th ... oval:org.secpod.oval:def:40982 A remote code execution vulnerability exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Th ... oval:org.secpod.oval:def:44957 A remote code execution vulnerability exists when the Office graphics component improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete d ... oval:org.secpod.oval:def:63090 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:63173 The host is missing an important security update for KB4484336 oval:org.secpod.oval:def:86117 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:86116 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:85455 The host is missing an important security update for KB5002305 oval:org.secpod.oval:def:83895 The host is missing an important security update for KB5002142 oval:org.secpod.oval:def:83866 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:83867 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:83903 The host is missing an important security update for KB5002269 oval:org.secpod.oval:def:83864 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:83865 Microsoft SharePoint Remote Code Execution Vulnerability oval:org.secpod.oval:def:42052 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:42051 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:38635 The host is installed with Microsoft Word 2016 or SharePoint Server 2016 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute arbitrary code. oval:org.secpod.oval:def:38636 The host is missing an important security update according to Microsoft security bulletin, MS17-002. The update is required to fix a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute ... oval:org.secpod.oval:def:64207 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:40469 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:40979 A remote code execution vulnerability exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Th ... oval:org.secpod.oval:def:45389 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43444 An Office RTF remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle RTF files. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on wi ... oval:org.secpod.oval:def:42369 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:35961 The host is missing an important security update according to Microsoft bulletin, MS16-088. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute arbitrary cod ... oval:org.secpod.oval:def:35958 The host is installed with Microsoft Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Word 2016, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, SharePoint Server 2016, Office Web Apps 2010 SP2 or ... oval:org.secpod.oval:def:78714 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:44597 An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory. Exploitation of the vulnerab ... oval:org.secpod.oval:def:43439 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:47124 An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory. Exploitation of the vulnerab ... oval:org.secpod.oval:def:47210 The host is missing an important security update for KB4032256 oval:org.secpod.oval:def:49712 A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with admi ... oval:org.secpod.oval:def:50065 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:50118 The host is missing an important security update for KB4461598 oval:org.secpod.oval:def:61830 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:55356 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:57863 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:64204 An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special docume ... oval:org.secpod.oval:def:62516 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:61835 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:64198 An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory. Exploitation of the vulnerab ... oval:org.secpod.oval:def:64205 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:64206 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:47924 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:71856 The host is missing an important security update 5001917 oval:org.secpod.oval:def:71813 Microsoft SharePoint Remote Code Execution Vulnerability oval:org.secpod.oval:def:71811 Microsoft SharePoint Information Disclosure Vulnerability oval:org.secpod.oval:def:71810 Microsoft SharePoint Information Disclosure Vulnerability oval:org.secpod.oval:def:71812 Microsoft SharePoint Information Disclosure Vulnerability oval:org.secpod.oval:def:71808 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:71809 Microsoft SharePoint Spoofing Vulnerability oval:org.secpod.oval:def:71807 Microsoft SharePoint Spoofing Vulnerability oval:org.secpod.oval:def:75280 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:75338 The host is missing a critical security update for KB5002029 oval:org.secpod.oval:def:75336 The host is missing a critical security update for KB5002006 oval:org.secpod.oval:def:75279 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:75282 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:75278 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:73231 The host is missing an important security update 5001922 oval:org.secpod.oval:def:73214 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:73212 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:73213 Microsoft SharePoint Server Information Disclosure Vulnerability oval:org.secpod.oval:def:73215 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:73237 The host is missing a critical security update 5001946 oval:org.secpod.oval:def:73216 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:73217 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:73218 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:77639 Microsoft SharePoint Server Spoofing Vulnerability. Microsoft SharePoint Server fails to handle a specially crafted functionality on a SharePoint page. Successful exploitation could allow an attacker to perform spoofing. oval:org.secpod.oval:def:77635 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:77640 Microsoft SharePoint Server Security Feature Bypass Vulnerability oval:org.secpod.oval:def:78711 Microsoft Excel Remote Code Execution Vulnerability. oval:org.secpod.oval:def:93098 The host is missing an important security update for KB5002501 oval:org.secpod.oval:def:93093 The host is missing an important security update for KB5002494 oval:org.secpod.oval:def:87477 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:87558 The host is missing a critical security update for KB5002325 oval:org.secpod.oval:def:87478 Microsoft SharePoint Server Elevation of Privilege Vulnerability oval:org.secpod.oval:def:88134 The host is missing an important security update for KB5002368 oval:org.secpod.oval:def:88034 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:88928 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:90907 The host is missing a security update 5002425 oval:org.secpod.oval:def:90764 Microsoft SharePoint Server Remote Code Execution Vulnerability. oval:org.secpod.oval:def:90765 Microsoft SharePoint Remote Code Execution Vulnerability. oval:org.secpod.oval:def:90763 Microsoft SharePoint Server Remote Code Execution Vulnerability. oval:org.secpod.oval:def:90766 Microsoft SharePoint Server Spoofing Vulnerability. oval:org.secpod.oval:def:91847 The host is missing an important security update for KB5002453 oval:org.secpod.oval:def:91840 The host is missing an important security update for KB5002398 oval:org.secpod.oval:def:94486 The host is missing an important security update for KB5002517 oval:org.secpod.oval:def:81580 The host is missing an important security update for KB5002222 oval:org.secpod.oval:def:81504 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:81508 Microsoft Office Information Disclosure Vulnerability oval:org.secpod.oval:def:81507 Microsoft Office Information Disclosure Vulnerability oval:org.secpod.oval:def:81506 Microsoft Office Information Disclosure Vulnerability oval:org.secpod.oval:def:81505 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:79932 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:79991 The host is missing an important security update for KB5002195 oval:org.secpod.oval:def:77056 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:77055 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:77054 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:77119 The host is missing a critical security update for KB5002118 oval:org.secpod.oval:def:77115 The host is missing a critical security update 5002113 oval:org.secpod.oval:def:76456 The host is missing an important security update for KB5002055 oval:org.secpod.oval:def:76400 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:76457 The host is missing an important security update for KB5002059 oval:org.secpod.oval:def:76399 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:76398 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:76397 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:74875 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:74874 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:74929 The host is missing an important security update for KB5002020 oval:org.secpod.oval:def:74331 The host is missing an important security update for KB5002002 oval:org.secpod.oval:def:74301 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:73728 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:73729 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:73726 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:73727 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:73725 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:73857 The host is missing a moderate severity security update for KB5001981 oval:org.secpod.oval:def:73854 The host is missing a moderate severity security update for KB5001976 oval:org.secpod.oval:def:71048 The host is missing an important security update for KB4504719 oval:org.secpod.oval:def:71039 The host is missing an important security update KB4504723 oval:org.secpod.oval:def:70930 Microsoft SharePoint Denial of Service Update oval:org.secpod.oval:def:70924 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:70078 The host is missing an important security update for KB4493232 oval:org.secpod.oval:def:70068 The host is missing an important security update 4493199 oval:org.secpod.oval:def:69983 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:69975 Microsoft SharePoint Server Information Disclosure Vulnerability oval:org.secpod.oval:def:69973 Microsoft SharePoint Spoofing Vulnerability oval:org.secpod.oval:def:69067 The host is missing an important security update for KB4493195 oval:org.secpod.oval:def:69008 Microsoft SharePoint Spoofing Vulnerability oval:org.secpod.oval:def:69009 Microsoft SharePoint Remote Code Execution Vulnerability oval:org.secpod.oval:def:69014 Microsoft SharePoint Information Disclosure Vulnerability oval:org.secpod.oval:def:69015 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:68172 Microsoft SharePoint Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68170 Microsoft SharePoint Spoofing Vulnerability oval:org.secpod.oval:def:68162 Microsoft SharePoint Spoofing Vulnerability oval:org.secpod.oval:def:68163 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:68165 Microsoft SharePoint Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68168 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:68169 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:68272 The host is missing an important security update 4493167 oval:org.secpod.oval:def:68270 The host is missing an important security update for KB4493163 oval:org.secpod.oval:def:67679 Microsoft SharePoint Elevation of Privilege Vulnerability oval:org.secpod.oval:def:67681 Microsoft SharePoint Remote Code Execution Vulnerability oval:org.secpod.oval:def:67724 The host is missing an important security update 4486721 oval:org.secpod.oval:def:67729 The host is missing a critical security update for KB4486753 oval:org.secpod.oval:def:67680 Microsoft SharePoint Spoofing Vulnerability oval:org.secpod.oval:def:67683 Microsoft SharePoint Information Disclosure Vulnerability oval:org.secpod.oval:def:67684 Microsoft SharePoint Remote Code Execution Vulnerability oval:org.secpod.oval:def:66957 The host is missing an important security update for KB4486717 oval:org.secpod.oval:def:66909 The host is installed with Microsoft SharePoint products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attacker to execute arbitrary code. oval:org.secpod.oval:def:66908 The host is installed with Microsoft SharePoint products and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attacker to perform spoofing attacks. oval:org.secpod.oval:def:66905 The host is installed with Microsoft SharePoint products and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow an attacker to disclosure sensitive information. oval:org.secpod.oval:def:66904 The host is installed with Microsoft SharePoint products and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attacker to perform spoofing attacks. oval:org.secpod.oval:def:66903 The host is installed with Microsoft SharePoint products and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attacker to perform spoofing attacks. oval:org.secpod.oval:def:66902 The host is installed with Microsoft SharePoint products and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow an attacker to disclose sensitive information. oval:org.secpod.oval:def:66048 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:66047 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:66049 An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit the vulnerability, an attacker would have ... oval:org.secpod.oval:def:66133 The host is missing an important security update for KB4486677 oval:org.secpod.oval:def:66042 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:66044 An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit the vulnerability, an attacker would have ... oval:org.secpod.oval:def:66039 An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages. An attacker who took advantage of this information disclosure could view the folder path of scripts loaded on the page. To take advantage of th ... oval:org.secpod.oval:def:66040 This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server. An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successful ... oval:org.secpod.oval:def:66041 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:66038 An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages. An attacker who took advantage of this information disclosure could view the folder path of scripts loaded on the page. To take advantage of th ... oval:org.secpod.oval:def:65532 The host is missing an important security update for KB4484506 oval:org.secpod.oval:def:65388 A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account ... oval:org.secpod.oval:def:65386 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:65383 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:65380 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:65381 A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls. An authenticated attacker who successfully exploited the vulnerability could use a specially crafted page to perform actions in the security context ... oval:org.secpod.oval:def:65382 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:65378 A tampering vulnerability exists when Microsoft SharePoint Server fails to properly handle profile data. An attacker who successfully exploited this vulnerability could modify a targeted user's profile data. To exploit the vulnerability, an attacker would need to be authenticated on an affected Shar ... oval:org.secpod.oval:def:65379 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:65377 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:65535 The host is missing a critical security update for KB4484512 oval:org.secpod.oval:def:65371 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:65373 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:65367 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:65368 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:65369 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:65370 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:64331 The host is missing a critical security update for KB4484436 oval:org.secpod.oval:def:64196 An elevation of privilege vulnerability exists when Microsoft SharePoint Server and Skype for Business Server improperly handle OAuth token validation. An attacker who successfully exploited the vulnerability could bypass authentication and achieve improper access. To exploit this vulnerability, an ... oval:org.secpod.oval:def:90330 Microsoft SharePoint Denial of Service Vulnerability oval:org.secpod.oval:def:90408 The host is missing an important security update for KB5002404 oval:org.secpod.oval:def:64974 The host is missing a security update 4484476 oval:org.secpod.oval:def:64921 An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special document ... oval:org.secpod.oval:def:64929 An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special document ... oval:org.secpod.oval:def:64971 The host is missing an important security update for KB4484473 oval:org.secpod.oval:def:64923 An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit the vulnerability, an attacker would have ... oval:org.secpod.oval:def:64925 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:64926 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:64917 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:64918 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:64919 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:57244 An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability allows an attacker to impersonate another user, which can lead to elevation of privileges. ... oval:org.secpod.oval:def:98414 Microsoft SharePoint Server Remote Code Execution Vulnerability. oval:org.secpod.oval:def:89708 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:89707 Microsoft SharePoint Server Information Disclosure Vulnerability oval:org.secpod.oval:def:89706 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:89728 The host is missing a critical security update for KB5002397 oval:org.secpod.oval:def:98996 The host is missing an important security update for KB5002583 oval:org.secpod.oval:def:98914 Microsoft SharePoint Server Spoofing Vulnerability. oval:org.secpod.oval:def:40467 A remote code execution vulnerability exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Th ... oval:org.secpod.oval:def:96663 Microsoft SharePoint Server Remote Code Execution Vulnerability. oval:org.secpod.oval:def:96714 The host is missing an important security update for KB5002541 |