Download
| Alert*
oval:org.secpod.oval:def:50693
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:59699 The host is missing an important security update for KB4484143 oval:org.secpod.oval:def:64212 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:64339 The host is missing a security update 4484452 oval:org.secpod.oval:def:64202 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:64203 A remote code execution vulnerability exists in the way Microsoft SharePoint software parses specially crafted email messages. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the system user. An attacker could then install programs; view, change, ... oval:org.secpod.oval:def:64209 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:64210 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:64211 This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server. An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successful ... oval:org.secpod.oval:def:62495 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:62494 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:61279 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:61278 Microsoft SharePoint Server 2019 is installed oval:org.secpod.oval:def:61277 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:64200 A remote code execution vulnerability exists in PerformancePoint Services for SharePoint Server when the software fails to check the source markup of XML file input. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the process responsible for deseri ... oval:org.secpod.oval:def:62499 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:62498 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:62497 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:62496 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:63640 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:63641 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:63642 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted authentication request to an affected SharePoint server. An attacker who successfully exploited this vulnerability could execute malicious code on a vulnerable server in the ... oval:org.secpod.oval:def:63643 A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls. An authenticated attacker who successfully exploited the vulnerability could use a specially crafted page to perform actions in the security context ... oval:org.secpod.oval:def:63644 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:63649 An elevation of privilege vulnerability exists in Microsoft SharePoint. An attacker who successfully exploited this vulnerability could attempt to impersonate another user of the SharePoint server. To exploit this vulnerability, an authenticated attacker would send a specially crafted request to an ... oval:org.secpod.oval:def:61337 The host is missing an important security update for KB4484259 oval:org.secpod.oval:def:63650 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:63651 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:63652 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:63653 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:63775 The host is missing an important security update for KB4484400 oval:org.secpod.oval:def:63656 An open redirect vulnerability exists in Microsoft SharePoint that could lead to spoofing. To exploit the vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link. When an authenticated SharePoint user clicks the link, the authenticated us ... oval:org.secpod.oval:def:62509 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:62508 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:62505 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:62504 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:62503 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:62502 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:62501 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:62500 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:62514 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:62513 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:62511 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:62510 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:61933 The host is missing an important security update for KB4484271 oval:org.secpod.oval:def:61837 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:61836 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:61834 This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server. An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successful ... oval:org.secpod.oval:def:61832 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:63088 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:63087 An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks (a variant of cross-site request forgery, CSRF). When users are simultaneously logged in to Microsoft SharePoint Server and visit a mal ... oval:org.secpod.oval:def:63086 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:63085 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:63084 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:63083 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:63082 A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls. An authenticated attacker who successfully exploited the vulnerability could use a specially crafted page to perform actions in the security context ... oval:org.secpod.oval:def:63081 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:63080 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:63091 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:62603 The host is missing an important security update for KB4484292 oval:org.secpod.oval:def:62507 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:63090 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:63174 The host is missing an important security update for KB4484332 oval:org.secpod.oval:def:86117 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:86116 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:85452 The host is missing an important security update for KB5002294 oval:org.secpod.oval:def:83899 The host is missing an important security update for KB5002257 oval:org.secpod.oval:def:83866 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:83867 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:83900 The host is missing an important security update for KB5002258 oval:org.secpod.oval:def:83864 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:83865 Microsoft SharePoint Remote Code Execution Vulnerability oval:org.secpod.oval:def:64207 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:78714 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:49712 A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with admi ... oval:org.secpod.oval:def:50065 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:61830 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:55356 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:57863 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:64204 An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special docume ... oval:org.secpod.oval:def:62516 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:61835 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:64198 An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory. Exploitation of the vulnerab ... oval:org.secpod.oval:def:64205 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:64206 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:71855 The host is missing an important security update 5001916 oval:org.secpod.oval:def:71813 Microsoft SharePoint Remote Code Execution Vulnerability oval:org.secpod.oval:def:71811 Microsoft SharePoint Information Disclosure Vulnerability oval:org.secpod.oval:def:71810 Microsoft SharePoint Information Disclosure Vulnerability oval:org.secpod.oval:def:71812 Microsoft SharePoint Information Disclosure Vulnerability oval:org.secpod.oval:def:71808 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:71809 Microsoft SharePoint Spoofing Vulnerability oval:org.secpod.oval:def:71807 Microsoft SharePoint Spoofing Vulnerability oval:org.secpod.oval:def:75280 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:75337 The host is missing a critical security update for KB5002028 oval:org.secpod.oval:def:75279 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:75282 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:75277 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:75276 Microsoft SharePoint Server Information Disclosure Vulnerability oval:org.secpod.oval:def:75278 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:73236 The host is missing an important security update 5001945 oval:org.secpod.oval:def:73214 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:73212 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:73213 Microsoft SharePoint Server Information Disclosure Vulnerability oval:org.secpod.oval:def:73215 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:73235 The host is missing a critical security update 5001944 oval:org.secpod.oval:def:73216 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:73217 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:73218 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:77639 Microsoft SharePoint Server Spoofing Vulnerability. Microsoft SharePoint Server fails to handle a specially crafted functionality on a SharePoint page. Successful exploitation could allow an attacker to perform spoofing. oval:org.secpod.oval:def:77635 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:77640 Microsoft SharePoint Server Security Feature Bypass Vulnerability oval:org.secpod.oval:def:93088 The host is missing an important security update for KB5002472 oval:org.secpod.oval:def:87477 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:87560 The host is missing a critical security update for KB5002342 oval:org.secpod.oval:def:87559 The host is missing a critical security update for KB5002330 oval:org.secpod.oval:def:87478 Microsoft SharePoint Server Elevation of Privilege Vulnerability oval:org.secpod.oval:def:88131 The host is missing an important security update for KB5002358 oval:org.secpod.oval:def:88034 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:88928 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:90905 The host is missing a security update 5002423 oval:org.secpod.oval:def:90764 Microsoft SharePoint Server Remote Code Execution Vulnerability. oval:org.secpod.oval:def:90765 Microsoft SharePoint Remote Code Execution Vulnerability. oval:org.secpod.oval:def:90763 Microsoft SharePoint Server Remote Code Execution Vulnerability. oval:org.secpod.oval:def:90766 Microsoft SharePoint Server Spoofing Vulnerability. oval:org.secpod.oval:def:90767 Microsoft SharePoint Server Security Feature Bypass Vulnerability. oval:org.secpod.oval:def:91842 The host is missing an important security update for KB5002436 oval:org.secpod.oval:def:91841 The host is missing an important security update for KB5002422 oval:org.secpod.oval:def:94489 The host is missing an important security update for KB5002526 oval:org.secpod.oval:def:81576 The host is missing an important security update for KB5002212 oval:org.secpod.oval:def:81504 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:81508 Microsoft Office Information Disclosure Vulnerability oval:org.secpod.oval:def:81507 Microsoft Office Information Disclosure Vulnerability oval:org.secpod.oval:def:81506 Microsoft Office Information Disclosure Vulnerability oval:org.secpod.oval:def:81505 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:79932 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:79996 The host is missing an important security update for KB5002207 oval:org.secpod.oval:def:77055 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:77054 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:77114 The host is missing a critical security update 5002109 oval:org.secpod.oval:def:77113 The host is missing a critical security update 5002108 oval:org.secpod.oval:def:76455 The host is missing an important security update for KB5002054 oval:org.secpod.oval:def:76400 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:76458 The host is missing an important security update for KB5002061 oval:org.secpod.oval:def:76399 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:76398 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:76397 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:74874 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:74928 The host is missing an important security update 5002018 oval:org.secpod.oval:def:74330 The host is missing an important security update for KB5002000 oval:org.secpod.oval:def:74301 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:73728 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:73726 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:73727 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:73725 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:73853 The host is missing an important security update 5001975 oval:org.secpod.oval:def:71047 The host is missing an important security update KB4504715 oval:org.secpod.oval:def:71046 The host is missing an important security update for KB4504716 oval:org.secpod.oval:def:70930 Microsoft SharePoint Denial of Service Update oval:org.secpod.oval:def:70924 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:70076 The host is missing an important security update for KB4493230 oval:org.secpod.oval:def:70077 The host is missing an important security update 4493231 oval:org.secpod.oval:def:69983 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:69975 Microsoft SharePoint Server Information Disclosure Vulnerability oval:org.secpod.oval:def:69973 Microsoft SharePoint Spoofing Vulnerability oval:org.secpod.oval:def:69066 The host is missing an important security update for KB4493194 oval:org.secpod.oval:def:69008 Microsoft SharePoint Spoofing Vulnerability oval:org.secpod.oval:def:69009 Microsoft SharePoint Remote Code Execution Vulnerability oval:org.secpod.oval:def:69014 Microsoft SharePoint Information Disclosure Vulnerability oval:org.secpod.oval:def:69015 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:68172 Microsoft SharePoint Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68170 Microsoft SharePoint Spoofing Vulnerability oval:org.secpod.oval:def:68269 The host is missing an important security update for KB4493162 oval:org.secpod.oval:def:68268 The host is missing an important security update 4493161 oval:org.secpod.oval:def:68162 Microsoft SharePoint Spoofing Vulnerability oval:org.secpod.oval:def:68163 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:68165 Microsoft SharePoint Elevation of Privilege Vulnerability oval:org.secpod.oval:def:68168 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:68169 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:67679 Microsoft SharePoint Elevation of Privilege Vulnerability oval:org.secpod.oval:def:67681 Microsoft SharePoint Remote Code Execution Vulnerability oval:org.secpod.oval:def:67728 The host is missing a critical security update for KB4486751 oval:org.secpod.oval:def:67733 The host is missing an important security update 4486752 oval:org.secpod.oval:def:67680 Microsoft SharePoint Spoofing Vulnerability oval:org.secpod.oval:def:67683 Microsoft SharePoint Information Disclosure Vulnerability oval:org.secpod.oval:def:67684 Microsoft SharePoint Remote Code Execution Vulnerability oval:org.secpod.oval:def:66956 The host is missing an important security update for KB4486714 oval:org.secpod.oval:def:66909 The host is installed with Microsoft SharePoint products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attacker to execute arbitrary code. oval:org.secpod.oval:def:66908 The host is installed with Microsoft SharePoint products and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attacker to perform spoofing attacks. oval:org.secpod.oval:def:66905 The host is installed with Microsoft SharePoint products and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow an attacker to disclosure sensitive information. oval:org.secpod.oval:def:66904 The host is installed with Microsoft SharePoint products and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attacker to perform spoofing attacks. oval:org.secpod.oval:def:66903 The host is installed with Microsoft SharePoint products and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attacker to perform spoofing attacks. oval:org.secpod.oval:def:66902 The host is installed with Microsoft SharePoint products and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow an attacker to disclose sensitive information. oval:org.secpod.oval:def:66048 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:66047 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:66049 An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit the vulnerability, an attacker would have ... oval:org.secpod.oval:def:66132 The host is missing an important security update for KB4486676 oval:org.secpod.oval:def:66042 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:66044 An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit the vulnerability, an attacker would have ... oval:org.secpod.oval:def:66046 An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit the vulnerability, an attacker would have ... oval:org.secpod.oval:def:66039 An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages. An attacker who took advantage of this information disclosure could view the folder path of scripts loaded on the page. To take advantage of th ... oval:org.secpod.oval:def:66040 This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server. An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successful ... oval:org.secpod.oval:def:66041 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:66038 An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages. An attacker who took advantage of this information disclosure could view the folder path of scripts loaded on the page. To take advantage of th ... oval:org.secpod.oval:def:65531 The host is missing an important security update for KB4484505 oval:org.secpod.oval:def:65388 A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account ... oval:org.secpod.oval:def:65384 A tampering vulnerability exists when Microsoft SharePoint Server fails to properly handle profile data. An attacker who successfully exploited this vulnerability could modify a targeted user's profile data. To exploit the vulnerability, an attacker would need to be authenticated on an affected Shar ... oval:org.secpod.oval:def:65386 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:65383 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:65380 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:65381 A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls. An authenticated attacker who successfully exploited the vulnerability could use a specially crafted page to perform actions in the security context ... oval:org.secpod.oval:def:65382 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:65530 The host is missing a critical security update for KB4484504 oval:org.secpod.oval:def:65378 A tampering vulnerability exists when Microsoft SharePoint Server fails to properly handle profile data. An attacker who successfully exploited this vulnerability could modify a targeted user's profile data. To exploit the vulnerability, an attacker would need to be authenticated on an affected Shar ... oval:org.secpod.oval:def:65379 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:65376 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:65377 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:65375 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:65371 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:65373 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:65367 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:65368 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:65369 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:65370 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:64340 The host is missing an important security update for KB4484453 oval:org.secpod.oval:def:64196 An elevation of privilege vulnerability exists when Microsoft SharePoint Server and Skype for Business Server improperly handle OAuth token validation. An attacker who successfully exploited the vulnerability could bypass authentication and achieve improper access. To exploit this vulnerability, an ... oval:org.secpod.oval:def:90329 Microsoft SharePoint Server Elevation of Privilege Vulnerability oval:org.secpod.oval:def:90330 Microsoft SharePoint Denial of Service Vulnerability oval:org.secpod.oval:def:90331 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:90332 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:90333 Microsoft SharePoint Server Elevation of Privilege Vulnerability oval:org.secpod.oval:def:90406 The host is missing a critical security update for KB5002402 oval:org.secpod.oval:def:90407 The host is missing a critical security update for KB5002403 oval:org.secpod.oval:def:64969 The host is missing a security update 4484471 oval:org.secpod.oval:def:64920 An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special document ... oval:org.secpod.oval:def:64921 An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special document ... oval:org.secpod.oval:def:64929 An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special document ... oval:org.secpod.oval:def:64970 The host is missing an important security update for KB4484472 oval:org.secpod.oval:def:64923 An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit the vulnerability, an attacker would have ... oval:org.secpod.oval:def:64925 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:64926 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:64917 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:64918 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:64919 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:57244 An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability allows an attacker to impersonate another user, which can lead to elevation of privileges. ... oval:org.secpod.oval:def:98414 Microsoft SharePoint Server Remote Code Execution Vulnerability. oval:org.secpod.oval:def:89708 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:89707 Microsoft SharePoint Server Information Disclosure Vulnerability oval:org.secpod.oval:def:89706 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:89727 The host is missing a critical security update for KB5002389 oval:org.secpod.oval:def:98994 The host is missing an important security update for KB5002580 oval:org.secpod.oval:def:98914 Microsoft SharePoint Server Spoofing Vulnerability. oval:org.secpod.oval:def:96663 Microsoft SharePoint Server Remote Code Execution Vulnerability. oval:org.secpod.oval:def:96712 The host is missing an important security update for KB5002539 |