Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft outlook web access vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2018-16793
Rollup 18 for Microsoft Exchange Server 2010 SP3 and previous versions has an SSRF vulnerability via the username parameter in /owa/auth/logon.aspx in the OWA (Outlook Web Access) login page.
Microsoft Exchange Server 2010
383
VMScore
CVE-2016-0029
Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2016 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL, aka "Exchange Spoofing Vulnerability," a different vulnerability than CVE-2016-...
Microsoft Exchange Server 2016
383
VMScore
CVE-2016-0031
Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2016 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL, aka "Exchange Spoofing Vulnerability," a different vulnerability than CVE-2016-...
Microsoft Exchange Server 2016
383
VMScore
CVE-2015-2543
Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 Cumulative Update 8 and 9 allows remote malicious users to inject arbitrary web script or HTML via a crafted e-mail message, aka "Exchange Spoofing Vulnerability."
Microsoft Exchange Server 2013
445
VMScore
CVE-2015-2505
Outlook Web Access (OWA) in Microsoft Exchange Server 2013 Cumulative Update 8 and 9 and SP1 allows remote malicious users to obtain sensitive stacktrace information via a crafted request, aka "Exchange Information Disclosure Vulnerability."
Microsoft Exchange Server 2013
383
VMScore
CVE-2015-2544
Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 Cumulative Update 8 and 9 and SP1 allows remote malicious users to inject arbitrary web script or HTML via a crafted e-mail message, aka "Exchange Spoofing Vulnerability.&q...
Microsoft Exchange Server 2013
187
VMScore
CVE-2001-0666
Outlook Web Access (OWA) in Microsoft Exchange 2000 allows an authenticated user to cause a denial of service (CPU consumption) via a malformed OWA request for a deeply nested folder within the user's mailbox.
Microsoft Exchange Server 2000
445
VMScore
CVE-2003-0116
Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check the Cascading Style Sheet input parameter for Modal dialogs, which allows remote malicious users to read files on the local system via a web page containing script that creates a dialog and then accesses the ta...
Microsoft Ie 6.0
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 5.0.1
Microsoft Internet Explorer 6.0
668
VMScore
CVE-2001-0726
Outlook Web Access (OWA) in Microsoft Exchange 5.5 Server, when used with Internet Explorer, does not properly detect certain inline script, which can allow remote malicious users to perform arbitrary actions on a user's Exchange mailbox via an HTML e-mail message.
Microsoft Exchange Server 5.5
383
VMScore
CVE-2015-0762
Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unified MeetingPlace 8.6(1.2) and 8.6(1.9) for Microsoft Outlook allows remote malicious users to inject arbitrary web script or HTML via a crafted value in a URL, aka Bug ID CSCuu51400.
Cisco Unified Meetingplace 8.6(1.9)
Cisco Unified Meetingplace 8.6(1.2)
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »