Microsoft Sharepoint Server — known CVE vulnerabilities
Every CVE whose affected-product data names Microsoft Sharepoint Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (200)
CVE-2013-1330 — CVSS 10.0 (critical): The default configuration of Microsoft SharePoint Portal Server 2003 SP3, SharePoint Server 2007 SP3 and 2010 SP1 and SP2, and Office Web…
CVE-2020-1210 — CVSS 9.9 (critical): <p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an…
CVE-2020-1595 — CVSS 9.9 (critical): <p>A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input. An…
CVE-2019-1205 — CVSS 9.8 (critical): A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who…
CVE-2020-1025 — CVSS 9.8 (critical): An elevation of privilege vulnerability exists when Microsoft SharePoint Server and Skype for Business Server improperly handle OAuth token…
CVE-2013-3889 — CVSS 9.3 (critical): Microsoft Excel 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011…
CVE-2015-2555 — CVSS 9.3 (critical): Use-after-free vulnerability in Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for…
CVE-2013-3858 — CVSS 9.3 (critical): Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007…
CVE-2015-2558 — CVSS 9.3 (critical): Use-after-free vulnerability in Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac…
CVE-2015-0085 — CVSS 9.3 (critical): Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010…
CVE-2015-6038 — CVSS 9.3 (critical): Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office…
CVE-2013-3857 — CVSS 9.3 (critical): Microsoft Word Automation Services in SharePoint Server 2010 SP1 and SP2, Word Web App 2010 SP1 and SP2 in Office Web Apps 2010, Word 2003…
CVE-2015-6093 — CVSS 9.3 (critical): Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Word Automation Services on SharePoint Server…
CVE-2015-6094 — CVSS 9.3 (critical): Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, and Excel Services on…
CVE-2013-3849 — CVSS 9.3 (critical): Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007…
CVE-2008-3006 — CVSS 9.3 (critical): Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 Gold and SP3; Office Excel…
CVE-2008-4019 — CVSS 9.3 (critical): Integer overflow in the REPT function in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer…
CVE-2013-3848 — CVSS 9.3 (critical): Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007…
CVE-2011-1989 — CVSS 9.3 (critical): Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel 2010 Gold and SP1; Excel in Office 2010 Gold and SP1; Office 2004…
CVE-2011-1990 — CVSS 9.3 (critical): Microsoft Excel 2007 SP2; Excel in Office 2007 SP2; Excel Viewer SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File…
CVE-2013-3847 — CVSS 9.3 (critical): Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007…
CVE-2014-4117 — CVSS 9.3 (critical): Microsoft Office 2007 SP3, Word 2007 SP3, Office 2010 SP1 and SP2, Word 2010 SP1 and SP2, Office for Mac 2011, Office Compatibility Pack…
CVE-2015-2468 — CVSS 9.3 (critical): Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office for Mac 2011, Office for Mac 2016, Office…
CVE-2015-1650 — CVSS 9.3 (critical): Use-after-free vulnerability in Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word Viewer…
CVE-2015-0064 — CVSS 9.3 (critical): Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word Automation Services in SharePoint Server 2010, Web Applications 2010 SP2…
CVE-2013-1315 — CVSS 9.3 (critical): Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013…
CVE-2013-0007 — CVSS 9.3 (critical): Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute…
CVE-2015-0086 — CVSS 9.3 (critical): Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 Gold and SP1, Word 2013 RT Gold and SP1, Word Viewer, Office…
CVE-2014-0260 — CVSS 9.3 (critical): Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office Compatibility Pack SP3; Word Viewer; SharePoint Server 2010…
CVE-2014-6357 — CVSS 9.3 (critical): Use-after-free vulnerability in Microsoft Office 2010 SP2, Office 2013 Gold and SP1, Office 2013 RT Gold and SP1, Office for Mac 2011, Word…
CVE-2015-1649 — CVSS 9.3 (critical): Use-after-free vulnerability in Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word Viewer, Office Compatibility Pack SP3, Word…
CVE-2014-2816 — CVSS 9.3 (critical): Microsoft SharePoint Server 2013 Gold and SP1 and SharePoint Foundation 2013 Gold and SP1 allow remote authenticated users to gain…
CVE-2014-0251 — CVSS 9.0 (critical): Microsoft Windows SharePoint Services 3.0 SP3; SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 Gold and SP1; SharePoint Foundation…
CVE-2020-1523 — CVSS 8.9 (high): <p>A tampering vulnerability exists when Microsoft SharePoint Server fails to properly handle profile data. An attacker who successfully…
CVE-2020-1439 — CVSS 8.8 (high): A remote code execution vulnerability exists in PerformancePoint Services for SharePoint Server when the software fails to check the source…
CVE-2019-1296 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input, aka…
CVE-2025-64672 — CVSS 8.8 (high): Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized…
CVE-2025-59237 — CVSS 8.8 (high): Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2026-40365 — CVSS 8.8 (high): Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2026-40357 — CVSS 8.8 (high): Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2016-0183 — CVSS 8.8 (high): The Windows font library in Microsoft Office 2010 SP2, Word 2010 SP2, Word Automation Services on SharePoint Server 2010 SP2, and Office…
CVE-2026-35439 — CVSS 8.8 (high): Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2026-33112 — CVSS 8.8 (high): Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2026-33110 — CVSS 8.8 (high): Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2020-0850 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft…
CVE-2020-0920 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application…
CVE-2020-0929 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application…
CVE-2026-20947 — CVSS 8.8 (high): Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Office SharePoint allows an authorized…
CVE-2020-0931 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application…
CVE-2020-0932 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application…
CVE-2020-0971 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application…
CVE-2020-0974 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application…
CVE-2020-1448 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft…
CVE-2020-1023 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application…
CVE-2020-1024 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application…
CVE-2020-1069 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net…
CVE-2020-1447 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft…
CVE-2020-1102 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application…
CVE-2020-1446 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft…
CVE-2020-1178 — CVSS 8.8 (high): An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted…
CVE-2020-1181 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net…
CVE-2020-1295 — CVSS 8.8 (high): An elevation of privilege vulnerability exists in Microsoft SharePoint, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'.
CVE-2025-59228 — CVSS 8.8 (high): Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2013-0006 — CVSS 8.8 (high): Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute…
CVE-2020-1583 — CVSS 8.8 (high): An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who…
CVE-2026-26114 — CVSS 8.8 (high): Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2026-45484 — CVSS 8.8 (high): Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network.
CVE-2017-8509 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office…
CVE-2026-26106 — CVSS 8.8 (high): Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2017-8569 — CVSS 8.8 (high): Microsoft SharePoint Server allows an elevation of privilege vulnerability due to the way that it sanitizes a specially crafted web request…
CVE-2018-0789 — CVSS 8.8 (high): Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 and Microsoft SharePoint Server 2016 allow an elevation of privilege…
CVE-2018-0792 — CVSS 8.8 (high): Microsoft Word 2016 in Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka…
CVE-2025-54897 — CVSS 8.8 (high): Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2025-49712 — CVSS 8.8 (high): Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2025-49701 — CVSS 8.8 (high): Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2025-47172 — CVSS 8.8 (high): Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Office SharePoint allows an authorized…
CVE-2018-8504 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft Word software when the software fails to properly handle objects in Protected…
CVE-2025-47166 — CVSS 8.8 (high): Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2025-47163 — CVSS 8.8 (high): Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2018-8635 — CVSS 8.8 (high): An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted…
CVE-2025-29794 — CVSS 8.8 (high): Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2019-0585 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft…
CVE-2019-0594 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application…
CVE-2019-0957 — CVSS 8.8 (high): An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request…
CVE-2019-0958 — CVSS 8.8 (high): An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request…
CVE-2020-1495 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An…
CVE-2019-1257 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application…
CVE-2019-1261 — CVSS 8.8 (high): A spoofing vulnerability exists in Microsoft SharePoint when it improperly handles requests to authorize applications, resulting in…
CVE-2019-1295 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input, aka…
CVE-2020-16945 — CVSS 8.7 (high): <p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web…
CVE-2020-16944 — CVSS 8.7 (high): <p>This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint…
CVE-2020-16946 — CVSS 8.7 (high): <p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web…
CVE-2020-1200 — CVSS 8.6 (high): <p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an…
CVE-2020-1460 — CVSS 8.6 (high): <p>A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net…
CVE-2020-16951 — CVSS 8.6 (high): <p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an…
CVE-2020-16952 — CVSS 8.6 (high): <p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an…
CVE-2020-1453 — CVSS 8.6 (high): <p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an…
CVE-2020-1452 — CVSS 8.6 (high): <p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an…
CVE-2020-1576 — CVSS 8.5 (high): <p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an…
CVE-2026-26113 — CVSS 8.4 (high): Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-45458 — CVSS 8.4 (high): Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-40367 — CVSS 8.4 (high): Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code…
CVE-2026-45456 — CVSS 8.4 (high): Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-53733 — CVSS 8.4 (high): Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2018-8284 — CVSS 8.1 (high): A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote…
CVE-2026-26105 — CVSS 8.1 (high): Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an unauthorized…
CVE-2026-47294 — CVSS 8.0 (high): Improper neutralization of special elements used in an os command ('os command injection') in Microsoft Office SharePoint allows an…
CVE-2026-40368 — CVSS 8.0 (high): Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2026-47298 — CVSS 8.0 (high): Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2025-62204 — CVSS 8.0 (high): Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2013-0085 — CVSS 7.8 (high): Buffer overflow in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to cause a denial of…
CVE-2026-20951 — CVSS 7.8 (high): Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.
CVE-2025-62562 — CVSS 7.8 (high): Use after free in Microsoft Office Outlook allows an unauthorized attacker to execute code locally.
CVE-2025-62559 — CVSS 7.8 (high): Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-62558 — CVSS 7.8 (high): Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2016-0022 — CVSS 7.8 (high): Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac…
CVE-2016-0052 — CVSS 7.8 (high): Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac…
CVE-2016-0053 — CVSS 7.8 (high): Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Office Compatibility Pack SP3, Word…
CVE-2016-0054 — CVSS 7.8 (high): Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office…
CVE-2016-0127 — CVSS 7.8 (high): Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office Compatibility Pack SP3, Word Viewer, Word…
CVE-2016-0134 — CVSS 7.8 (high): Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac…
CVE-2016-0140 — CVSS 7.8 (high): Microsoft Office 2007 SP3, Office 2010 SP2, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow…
CVE-2016-3281 — CVSS 7.8 (high): Microsoft Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Word Automation…
CVE-2016-3282 — CVSS 7.8 (high): Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac…
CVE-2016-7234 — CVSS 7.8 (high): Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Excel for Mac 2011, Word 2016 for…
CVE-2016-7236 — CVSS 7.8 (high): Microsoft Excel 2010 SP2, Excel for Mac 2011, Excel 2016 for Mac, and Excel Services on SharePoint Server 2010 SP2 allow remote attackers…
CVE-2017-0006 — CVSS 7.8 (high): Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 allow remote…
CVE-2017-0030 — CVSS 7.8 (high): Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Office Web Apps Server 2010 SP2, Word 2007 SP3, Word 2010 SP2, and Word…