Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft exchange server vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2016-0138
Microsoft Exchange Server 2007 SP3, 2010 SP3, 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 misparses e-mail messages, which allows remote authenticated users to obtain sensitive Outlook application informat...
Microsoft Exchange Server 2013
Microsoft Exchange Server 2016
Microsoft Exchange Server 2007
Microsoft Exchange Server 2010
356
VMScore
CVE-2019-0588
An information disclosure vulnerability exists when the Microsoft Exchange PowerShell API grants calendar contributors more view permissions than intended, aka "Microsoft Exchange Information Disclosure Vulnerability." This affects Microsoft Exchange Server.
Microsoft Exchange Server 2010
Microsoft Exchange Server 2013
Microsoft Exchange Server 2016
Microsoft Exchange Server 2019
1 Article
516
VMScore
CVE-2019-0686
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0724.
Microsoft Exchange Server 2010
Microsoft Exchange Server 2013
Microsoft Exchange Server 2016
Microsoft Exchange Server 2019
2 Articles
1000
VMScore
CVE-2019-0724
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0686.
Microsoft Exchange Server 2016
Microsoft Exchange Server 2010
Microsoft Exchange Server 2013
Microsoft Exchange Server 2019
2 Metasploit modules
1 Article
516
VMScore
CVE-2019-0817
A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests, aka 'Microsoft Exchange Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-0858.
Microsoft Exchange Server 2010
Microsoft Exchange Server 2013
Microsoft Exchange Server 2016
Microsoft Exchange Server 2019
1 Article
923
VMScore
CVE-2020-0688
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'.
Microsoft Exchange Server 2013
Microsoft Exchange Server 2016
Microsoft Exchange Server 2019
Microsoft Exchange Server 2010
2 EDB exploits
42 Github repositories
7 Articles
519
VMScore
CVE-2018-8581
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.
Microsoft Exchange Server 2010
Microsoft Exchange Server 2013
Microsoft Exchange Server 2016
Microsoft Exchange Server 2019
9 Github repositories
609
VMScore
CVE-2021-26857
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server 2010
Microsoft Exchange Server 2013
Microsoft Exchange Server 2019
Microsoft Exchange Server 2016
12 Github repositories
5 Articles
828
VMScore
CVE-2009-0098
Microsoft Exchange 2000 Server SP3, Exchange Server 2003 SP2, and Exchange Server 2007 SP1 do not properly interpret Transport Neutral Encapsulation (TNEF) properties, which allows remote malicious users to execute arbitrary code via a crafted TNEF message, aka "Memory Corru...
Microsoft Exchange Server 2000
Microsoft Exchange Server 2003
Microsoft Exchange Server 2007
445
VMScore
CVE-2009-0099
The Electronic Messaging System Microsoft Data Base (EMSMDB32) provider in Microsoft Exchange 2000 Server SP3 and Exchange Server 2003 SP2, as used in Exchange System Attendant, allows remote malicious users to cause a denial of service (application outage) via a malformed MAPI c...
Microsoft Exchange Server 2000
Microsoft Exchange Server 2003
Microsoft Exchange Server 2007
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »