BACK TO INTEL

Archives

Classification

Clear Filter
Application Security
Cloud Infrastructure
Enterprise Infrastructure
Enterprise IT Infrastructure
Enterprise Networking
Enterprise Security
Enterprise Software
Adobe ColdFusion
Atlassian Confluence
Collaboration Platforms
Collaboration Tools
Email Infrastructure
Managed File Transfer
Microsoft Exchange
Microsoft SharePoint
Code Injection
Deserialization RCE
Privilege Escalation
Microsoft Windows
Mobile Device Management
Oracle E-Business Suite
Oracle WebCenter Suite
ERP
Information Technology
Infrastructure
Infrastructure Security
Microsoft
Network Appliances
Network Infrastructure
Network Security
Networking
Open Source
Operating Systems
Software
Software Development
Software Security
Technology
Virtualization
Vulnerability
Web Hosting
Web Security
Windows Ecosystem

FeedMicrosoft SharePoint

Verified advisories, vulnerability disclosures, and architectural research.

CVE-2023-29357

CVE-2023-29357: Critical Microsoft SharePoint Server Authentication Bypass and Privilege Escalation Advisory

Microsoft SharePoint Server contains an unspecified vulnerability that allows an unauthenticated attacker, who has gained access to spoofed JWT authentication tokens, to use them for executing a network attack. This attack bypasses authentication, enabling the attacker to gain administrator privileges.

SharePoint Server
View Detail
CVE-2023-24955

CVE-2023-24955: Critical Microsoft SharePoint Server Code Injection Advisory

Microsoft SharePoint Server contains a code injection vulnerability that allows an authenticated attacker with Site Owner privileges to execute code remotely.

SharePoint Server
View Detail
CVE-2025-53770

CVE-2025-53770: Critical Remote Code Execution Vulnerability in Microsoft SharePoint Server

CVE-2025-53770 is a critical deserialization vulnerability in Microsoft SharePoint Server (CVSS 9.8) exploited in the wild, acting as a patch bypass for CVE-2025-49704.

SharePoint
View Detail
CVE-2025-49704

CVE-2025-49704: Critical Microsoft SharePoint Code Injection Vulnerability Advisory

Microsoft SharePoint contains a code injection vulnerability that could allow an authorized attacker to execute code over a network. This vulnerability could be chained with CVE-2025-49706. CVE-2025-53770 is a patch bypass for CVE-2025-49704, and the updates for CVE-2025-53770 include more robust protection than those for CVE-2025-49704.

SharePoint
View Detail