Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
exchange server vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2018-8448
An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.
Microsoft Exchange Server 2013
Microsoft Exchange Server 2016
5.3
CVSSv3
CVE-2017-11761
Microsoft Exchange Server 2013 and Microsoft Exchange Server 2016 allow an input sanitization issue with Microsoft Exchange that could potentially result in unintended Information Disclosure, aka "Microsoft Exchange Information Disclosure Vulnerability"
Microsoft Exchange Server 2013
Microsoft Exchange Server 2016
1 Github repository
8.4
CVSSv3
CVE-2020-16875
<p>A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments.</p> <p>An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. Exploitation ...
Microsoft Exchange Server 2019
Microsoft Exchange Server 2016
2 Articles
8.4
CVSSv3
CVE-2020-17141
Microsoft Exchange Remote Code Execution Vulnerability
Microsoft Exchange Server 2019
Microsoft Exchange Server 2016
6.5
CVSSv3
CVE-2021-24085
Microsoft Exchange Server Spoofing Vulnerability
Microsoft Exchange Server 2019
Microsoft Exchange Server 2016
1 Github repository
8
CVSSv3
CVE-2023-36035
Microsoft Exchange Server Spoofing Vulnerability
Microsoft Exchange Server 2019
Microsoft Exchange Server 2016
8
CVSSv3
CVE-2023-36039
Microsoft Exchange Server Spoofing Vulnerability
Microsoft Exchange Server 2019
Microsoft Exchange Server 2016
8
CVSSv3
CVE-2023-36050
Microsoft Exchange Server Spoofing Vulnerability
Microsoft Exchange Server 2019
Microsoft Exchange Server 2016
NA
CVE-2008-2247
Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) for Exchange Server 2003 SP2 allows remote malicious users to inject arbitrary web script or HTML via unspecified e-mail fields, a different vulnerability than CVE-2008-2248.
Microsoft Exchange Server 2003
Microsoft Exchange Server 2007
7.5
CVSSv3
CVE-2019-1233
A denial of service vulnerability exists in Microsoft Exchange Server software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Denial of Service Vulnerability'.
Microsoft Exchange Server 2016
Microsoft Exchange Server 2019
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »