Project server
This hub aggregates every CVE we track for Project server, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.
24
CVEs tracked
3
Critical
12
High
0
In CISA KEV
Severity distribution
HIGH12MEDIUM9CRITICAL3
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Project server.
- CVE-2020-0954A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office...5.4
- CVE-2019-1036Microsoft Office SharePoint XSS Vulnerability5.4
- CVE-2019-1033Microsoft Office SharePoint XSS Vulnerability5.4
- CVE-2019-1031Microsoft Office SharePoint XSS Vulnerability5.4
- CVE-2018-8284A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NE...8.1
- CVE-2018-8254An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoin...5.4
- CVE-2018-8156An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoin...5.4
- CVE-2018-0909Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microso...8.8
- CVE-2018-0914Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microso...8.8
- CVE-2018-0912Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microso...8.8
- CVE-2018-0916Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microso...8.8
- CVE-2018-0911Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microso...8.8
- CVE-2018-0913Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microso...8.8
- CVE-2018-0915Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microso...8.8
- CVE-2018-0910Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microso...8.8
Product normalization is registry-driven with AI assist and human review. How it works