Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft outlook 2010 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-2091
Microsoft Outlook Web Access (OWA) 8.2.254.0, when Internet Explorer 7 on Windows Server 2003 is used, does not properly handle the id parameter in a Folder IPF.Note action to the default URI, which might allow remote malicious users to obtain sensitive information or conduct cro...
Microsoft Exchange Server 2007
1 EDB exploit
NA
CVE-2014-6319
Outlook Web App (OWA) in Microsoft Exchange Server 2007 SP3, 2010 SP3, and 2013 SP1 and Cumulative Update 6 does not properly validate tokens in requests, which allows remote malicious users to spoof the origin of e-mail messages via unspecified vectors, aka "Outlook Web App...
Microsoft Exchange Server 2013
Microsoft Exchange Server 2007
Microsoft Exchange Server 2010
NA
CVE-2013-5072
Cross-site scripting (XSS) vulnerability in Outlook Web Access in Microsoft Exchange Server 2010 SP2 and SP3 and 2013 Cumulative Update 2 and 3 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL, aka "OWA XSS Vulnerability."
Microsoft Exchange Server 2010
Microsoft Exchange Server 2013
NA
CVE-2014-2730
The XML parser in Microsoft Office 2007 SP3, 2010 SP1 and SP2, and 2013, and Office for Mac 2011, does not properly detect recursion during entity expansion, which allows remote malicious users to cause a denial of service (memory consumption and persistent application hang) via ...
Microsoft Office 2010
Microsoft Office 2013
Microsoft Office 2011
Microsoft Office 2007
5.4
CVSSv3
CVE-2019-0817
A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests, aka 'Microsoft Exchange Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-0858.
Microsoft Exchange Server 2010
Microsoft Exchange Server 2013
Microsoft Exchange Server 2016
Microsoft Exchange Server 2019
1 Article
6.5
CVSSv3
CVE-2018-0940
Microsoft Exchange Outlook Web Access (OWA) in Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 20, Microsoft Exchange Server 2013 Cumulative Update 18, Microsoft Exchange Server 2013 Cumulative Update 19, Microsoft Exchange Server 2013 Service Pack 1, Microsoft Exchan...
Microsoft Exchange Server 2010
Microsoft Exchange Server 2016
Microsoft Exchange Server 2013
1 Article
4.3
CVSSv3
CVE-2016-0138
Microsoft Exchange Server 2007 SP3, 2010 SP3, 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 misparses e-mail messages, which allows remote authenticated users to obtain sensitive Outlook application informat...
Microsoft Exchange Server 2013
Microsoft Exchange Server 2016
Microsoft Exchange Server 2007
Microsoft Exchange Server 2010
7.8
CVSSv3
CVE-2017-0199
Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote malicious users to execute arbitrary code via a crafted document, aka "Micros...
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 -
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Office 2010
Microsoft Office 2013
Microsoft Office 2016
Microsoft Windows 7
Microsoft Office 2007
3 EDB exploits
46 Github repositories
26 Articles
6.1
CVSSv3
CVE-2017-8559
Microsoft Exchange Server 2010 SP3, Exchange Server 2013 SP3, Exchange Server 2013 CU16, and Exchange Server 2016 CU5 allows an elevation of privilege vulnerability due to the way that Exchange Outlook Web Access (OWA) handles web requests, aka "Microsoft Exchange Cross-Site...
Microsoft Exchange Server 2013
Microsoft Exchange Server 2016
6.1
CVSSv3
CVE-2017-8560
Microsoft Exchange Server 2010 SP3, Exchange Server 2013 SP3, Exchange Server 2013 CU16, and Exchange Server 2016 CU5 allows an elevation of privilege vulnerability due to the way that Exchange Outlook Web Access (OWA) handles web requests, aka "Microsoft Exchange Cross-Site...
Microsoft Exchange Server 2016
Microsoft Exchange Server 2013
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6