Download
| Alert*
oval:org.secpod.oval:def:43497
The host is missing an important security update 3141547 oval:org.secpod.oval:def:43437 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:50692 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:54127 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:58985 The host is missing an important security update for KB4484131 oval:org.secpod.oval:def:21545 The host is installed with Microsoft SharePoint Foundation 2010 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly sanitize page content in SharePoint lists. Successful exploitation could allow attackers to run arbitrary code in the ... oval:org.secpod.oval:def:21546 The host is missing an important security update according to Microsoft security bulletin, MS14-073. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly sanitize page content in SharePoint lists. Successful exploitation ... oval:org.secpod.oval:def:58903 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:58904 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:54664 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:23795 The host is installed with Microsoft SharePoint Foundation 2010 SP2, SharePoint Server 2010 SP2, SharePoint Foundation 2013 Gold and SP1 or SharePoint Server 2013 Gold or SP1 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle a crafted r ... oval:org.secpod.oval:def:54217 The host is missing an important security update for KB4464528 oval:org.secpod.oval:def:54739 The host is missing an important security update for KB4464573 oval:org.secpod.oval:def:23797 The host is installed with Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 Gold or SP1, Word 2013 Gold or SP1, Office 2013 RT Gold or SP1, Word 2013 RT Gold or SP1, Excel Viewer, Office C ... oval:org.secpod.oval:def:23792 The host is missing a critical security update according to Microsoft security bulletin, MS15-022. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle a crafted file. Successful exploitation could allow attackers to execute arbitrar ... oval:org.secpod.oval:def:50693 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:24275 The host is installed with Microsoft Sharepoint Server 2007, 2010, Sharepoint Foundation 2010 or 2013 and is prone to a remote code execution vulnerability. A flaw is present in the applications, which fail to handle specially crafted page content. Successful exploitation could allow attackers to ex ... oval:org.secpod.oval:def:24276 The host is missing an important security update according to Microsoft security bulletin, MS15-047. The update is required to fix remote code execution vulnerabilities. The flaws are present in the applications, which fail to handle specially crafted page content. Successful exploitation could allo ... oval:org.secpod.oval:def:50783 The host is missing a critical security update for KB4461630 oval:org.secpod.oval:def:59709 The host is missing an important security update for KB4484165 oval:org.secpod.oval:def:59704 The host is missing an important security update for KB4484157 oval:org.secpod.oval:def:58533 The host is missing a critical security update for KB4475605 oval:org.secpod.oval:def:58433 An elevation of privilege vulnerability exists in Microsoft SharePoint. An attacker who successfully exploited this vulnerability could attempt to impersonate another user of the SharePoint server. To exploit this vulnerability, an authenticated attacker would send a specially crafted request to an ... oval:org.secpod.oval:def:58431 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:58438 A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account ... oval:org.secpod.oval:def:24307 The host is installed with Office 2010, 2013, Word 2010, 2013, Excel 2010, 2013, Powerpoint 2010,2013, Powerpoint Viewer, Sharepoint Server 2010, 2013, Foundation 2010, 2013, Office Web Apps 2010 or 2013 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which ... oval:org.secpod.oval:def:24310 The host is missing an important security update according to Microsoft security bulletin, MS15-046. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the applications, which fail to handle a crafted file. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:18563 The host is missing a critical security update according to Microsoft bulletin, MS14-022. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly validate certain conditions. Successful exploitation allows attackers to run arbitrary c ... oval:org.secpod.oval:def:18570 The host is installed with SharePoint Server 2013 Client Components SDK, Microsoft SharePoint Designer 2007 SP3, 2010 SP1, SP2, 2013, SP1, Microsoft Office Web Apps Server 2013, SP1, Microsoft Windows SharePoint Services 3.0 SP3, SharePoint Server 2007, 2010 SP1, SP2, 2013, Microsoft SharePoint Foun ... oval:org.secpod.oval:def:15686 The host is installed with Microsoft Windows SharePoint Foundation 2010 SP1, SP2, SharePoint Server 2010 SP1, SP2, SharePoint Foundation 2013, SharePoint Server 2013 and is prone to elevation of privilege vulnerability. A flaw is present in the applications, which fail to properly sanitize the conte ... oval:org.secpod.oval:def:63643 A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls. An authenticated attacker who successfully exploited the vulnerability could use a specially crafted page to perform actions in the security context ... oval:org.secpod.oval:def:15687 The host is installed with Microsoft Windows 3.0 SP3, SharePoint Server 2007 SP3, SharePoint Foundation 2010 SP1, SP2, SharePoint Server 2010 SP1, SP2, SharePoint Foundation 2013, SharePoint Server 2013 and is prone to elevation of privilege vulnerability. A flaw is present in the applications, whic ... oval:org.secpod.oval:def:63648 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:49741 The host is missing an important security update for KB4461580 oval:org.secpod.oval:def:63650 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:15674 The host is missing a critical security update according to Microsoft bulletin, MS13-084. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle certain vectors and improperly validates inputs. Successful exploitation allows a ... oval:org.secpod.oval:def:63651 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:63772 The host is missing an important security update for KB4484391 oval:org.secpod.oval:def:15675 Microsoft SharePoint Foundation 2010 Service Pack 2 is installed oval:org.secpod.oval:def:63652 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:15679 The host is installed with Microsoft Windows SharePoint Services 2.0, 3.0 SP3, SharePoint Server 2007 SP3, SharePoint Foundation 2010 SP1, SP2, SharePoint Server 2010 SP1, SP2, SharePoint Foundation 2013, SharePoint Server 2013 and is prone to denial of service vulnerability. A flaw is present in th ... oval:org.secpod.oval:def:15676 The host is installed with Microsoft SharePoint Server 2007 SP3 or before, SharePoint Foundation 2010 or Microsoft SharePoint Services 3.0 and is prone to remote code execution vulnerability. The flaw is present in the applications, which fail to properly properly handle objects in memory while pars ... oval:org.secpod.oval:def:63781 The host is missing an important security update for KB4484414 oval:org.secpod.oval:def:57956 The host is missing an important security update for KB4475575 oval:org.secpod.oval:def:61936 The host is missing an important security update for KB4484197 oval:org.secpod.oval:def:62508 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:62500 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:49707 An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks (a variant of cross-site request forgery, CSRF). When users are simultaneously logged in to Microsoft SharePoint Server and visit a mal ... oval:org.secpod.oval:def:62511 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:62494 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:57347 The host is missing an important security update for KB4475510 oval:org.secpod.oval:def:57864 An information disclosure vulnerability exists in the way Microsoft SharePoint handles session objects. A locally authenticated attacker who successfully exploited the vulnerability could hijack the session of another user. To exploit this vulnerability, the attacker could run a specially crafted ap ... oval:org.secpod.oval:def:61837 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:61834 This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server. An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successful ... oval:org.secpod.oval:def:62497 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:62608 The host is missing an important security update for KB4484298 oval:org.secpod.oval:def:62507 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:32926 The host is missing a critical security update according to Microsoft security bulletin, MS16-015. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted office file. Successful exploitation allows attackers to corrupt ... oval:org.secpod.oval:def:35961 The host is missing an important security update according to Microsoft bulletin, MS16-088. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute arbitrary cod ... oval:org.secpod.oval:def:15677 The host is missing a critical security update according to Microsoft bulletin, MS13-067. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle certain vectors and improperly validates inputs. Successful exploitation allows a ... oval:org.secpod.oval:def:71043 The host is missing an important security update for KB4504709 oval:org.secpod.oval:def:70930 Microsoft SharePoint Denial of Service Update oval:org.secpod.oval:def:69073 The host is missing an important security update for KB4493223 oval:org.secpod.oval:def:69008 Microsoft SharePoint Spoofing Vulnerability oval:org.secpod.oval:def:69009 Microsoft SharePoint Remote Code Execution Vulnerability oval:org.secpod.oval:def:69014 Microsoft SharePoint Information Disclosure Vulnerability oval:org.secpod.oval:def:68163 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:68281 The host is missing an important security update for KB4493187 oval:org.secpod.oval:def:68171 Microsoft SharePoint Server Tampering Vulnerability oval:org.secpod.oval:def:67679 Microsoft SharePoint Elevation of Privilege Vulnerability oval:org.secpod.oval:def:67681 Microsoft SharePoint Remote Code Execution Vulnerability oval:org.secpod.oval:def:67680 Microsoft SharePoint Spoofing Vulnerability oval:org.secpod.oval:def:67683 Microsoft SharePoint Information Disclosure Vulnerability oval:org.secpod.oval:def:67684 Microsoft SharePoint Remote Code Execution Vulnerability oval:org.secpod.oval:def:67738 The host is missing a moderate severity security update for KB4493149 oval:org.secpod.oval:def:66909 The host is installed with Microsoft SharePoint products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attacker to execute arbitrary code. oval:org.secpod.oval:def:66969 The host is missing an important security update for KB4486744 oval:org.secpod.oval:def:66905 The host is installed with Microsoft SharePoint products and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow an attacker to disclosure sensitive information. oval:org.secpod.oval:def:66146 The host is missing an important security update for KB4486708 oval:org.secpod.oval:def:66049 An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit the vulnerability, an attacker would have ... oval:org.secpod.oval:def:66042 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:66044 An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit the vulnerability, an attacker would have ... oval:org.secpod.oval:def:66039 An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages. An attacker who took advantage of this information disclosure could view the folder path of scripts loaded on the page. To take advantage of th ... oval:org.secpod.oval:def:66038 An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages. An attacker who took advantage of this information disclosure could view the folder path of scripts loaded on the page. To take advantage of th ... oval:org.secpod.oval:def:65552 The host is missing an important security update for KB4486667 oval:org.secpod.oval:def:65386 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:65380 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:65381 A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls. An authenticated attacker who successfully exploited the vulnerability could use a specially crafted page to perform actions in the security context ... oval:org.secpod.oval:def:65382 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:65379 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:65377 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:65368 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:65369 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:64967 The host is missing an important security update for KB4484462 oval:org.secpod.oval:def:64917 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:64985 The host is missing an important security update for KB4484498 oval:org.secpod.oval:def:64925 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:57244 An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability allows an attacker to impersonate another user, which can lead to elevation of privileges. ... oval:org.secpod.oval:def:15688 The host is installed with Microsoft Windows SharePoint Services 2.0, 3.0 SP3, SharePoint Server 2007 SP3, SharePoint Foundation 2010 SP1, SP2, SharePoint Server 2010 SP1, SP2, Exchange Server 2007, Exchange Server 2010, or Exchange Server 2013 and is prone to remote code execution vulnerability. A ... |