Exchange Server
by Microsoft
CVEs (233)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-21969 | 0.00 | — | 0.01 | Jan 11, 2022 | Microsoft Exchange Server Remote Code Execution Vulnerability | |||
| CVE-2022-21855 | 0.00 | — | 0.01 | Jan 11, 2022 | Microsoft Exchange Server Remote Code Execution Vulnerability | |||
| CVE-2022-21846 | 0.00 | — | 0.01 | Jan 11, 2022 | Microsoft Exchange Server Remote Code Execution Vulnerability | |||
| CVE-2021-41350 | 0.00 | — | 0.02 | Oct 13, 2021 | Microsoft Exchange Server Spoofing Vulnerability | |||
| CVE-2021-41348 | 0.00 | — | 0.01 | Oct 13, 2021 | Microsoft Exchange Server Elevation of Privilege Vulnerability | |||
| CVE-2021-26427 | 0.00 | — | 0.01 | Oct 13, 2021 | Microsoft Exchange Server Remote Code Execution Vulnerability | |||
| CVE-2021-34470 | 0.00 | — | 0.03 | Jul 14, 2021 | Microsoft Exchange Server Elevation of Privilege Vulnerability | |||
| CVE-2021-33768 | 0.00 | — | 0.01 | Jul 14, 2021 | Microsoft Exchange Server Elevation of Privilege Vulnerability | |||
| CVE-2021-31209 | 0.00 | — | 0.03 | May 11, 2021 | Microsoft Exchange Server Spoofing Vulnerability | |||
| CVE-2021-31198 | 0.00 | — | 0.05 | May 11, 2021 | Microsoft Exchange Server Remote Code Execution Vulnerability | |||
| CVE-2021-28483 | 0.00 | — | 0.01 | Apr 13, 2021 | Microsoft Exchange Server Remote Code Execution Vulnerability | |||
| CVE-2021-26854 | 0.00 | — | 0.20 | Mar 2, 2021 | Microsoft Exchange Server Remote Code Execution Vulnerability | |||
| CVE-2021-1730 | 0.00 | — | 0.02 | Feb 25, 2021 | A spoofing vulnerability exists in Microsoft Exchange Server which could result in an attack that would allow a malicious actor to impersonate the user. This update addresses this vulnerability. To prevent these types of attacks, Microsoft recommends customers… | |||
| CVE-2020-17084 | 0.00 | — | 0.04 | Nov 11, 2020 | Microsoft Exchange Server Remote Code Execution Vulnerability | |||
| CVE-2020-17085 | 0.00 | — | 0.03 | Nov 11, 2020 | Microsoft Exchange Server Denial of Service Vulnerability | |||
| CVE-2020-16969 | 0.00 | — | 0.03 | Oct 16, 2020 | An information disclosure vulnerability exists in how Microsoft Exchange validates tokens when handling certain messages. An attacker who successfully exploited the vulnerability could use this to gain further information from a user. To exploit the vulnerability, an… | |||
| CVE-2020-0903 | 0.00 | — | 0.02 | Mar 12, 2020 | A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server, aka 'Microsoft Exchange Server Spoofing Vulnerability'. | |||
| CVE-2020-0692 | 0.00 | — | 0.03 | Feb 11, 2020 | An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. | |||
| CVE-2019-1266 | 0.00 | — | 0.02 | Sep 11, 2019 | A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web App (OWA) fails to properly handle web requests, aka 'Microsoft Exchange Spoofing Vulnerability'. | |||
| CVE-2019-1137 | 0.00 | — | 0.02 | Jul 29, 2019 | A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server, aka 'Microsoft Exchange Server Spoofing Vulnerability'. |
- CVE-2022-21969Jan 11, 2022risk 0.00cvss —epss 0.01
Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2022-21855Jan 11, 2022risk 0.00cvss —epss 0.01
Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2022-21846Jan 11, 2022risk 0.00cvss —epss 0.01
Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2021-41350Oct 13, 2021risk 0.00cvss —epss 0.02
Microsoft Exchange Server Spoofing Vulnerability
- CVE-2021-41348Oct 13, 2021risk 0.00cvss —epss 0.01
Microsoft Exchange Server Elevation of Privilege Vulnerability
- CVE-2021-26427Oct 13, 2021risk 0.00cvss —epss 0.01
Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2021-34470Jul 14, 2021risk 0.00cvss —epss 0.03
Microsoft Exchange Server Elevation of Privilege Vulnerability
- CVE-2021-33768Jul 14, 2021risk 0.00cvss —epss 0.01
Microsoft Exchange Server Elevation of Privilege Vulnerability
- CVE-2021-31209May 11, 2021risk 0.00cvss —epss 0.03
Microsoft Exchange Server Spoofing Vulnerability
- CVE-2021-31198May 11, 2021risk 0.00cvss —epss 0.05
Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2021-28483Apr 13, 2021risk 0.00cvss —epss 0.01
Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2021-26854Mar 2, 2021risk 0.00cvss —epss 0.20
Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2021-1730Feb 25, 2021risk 0.00cvss —epss 0.02
A spoofing vulnerability exists in Microsoft Exchange Server which could result in an attack that would allow a malicious actor to impersonate the user. This update addresses this vulnerability. To prevent these types of attacks, Microsoft recommends customers…
- CVE-2020-17084Nov 11, 2020risk 0.00cvss —epss 0.04
Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2020-17085Nov 11, 2020risk 0.00cvss —epss 0.03
Microsoft Exchange Server Denial of Service Vulnerability
- CVE-2020-16969Oct 16, 2020risk 0.00cvss —epss 0.03
An information disclosure vulnerability exists in how Microsoft Exchange validates tokens when handling certain messages. An attacker who successfully exploited the vulnerability could use this to gain further information from a user. To exploit the vulnerability, an…
- CVE-2020-0903Mar 12, 2020risk 0.00cvss —epss 0.02
A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server, aka 'Microsoft Exchange Server Spoofing Vulnerability'.
- CVE-2020-0692Feb 11, 2020risk 0.00cvss —epss 0.03
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'.
- CVE-2019-1266Sep 11, 2019risk 0.00cvss —epss 0.02
A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web App (OWA) fails to properly handle web requests, aka 'Microsoft Exchange Spoofing Vulnerability'.
- CVE-2019-1137Jul 29, 2019risk 0.00cvss —epss 0.02
A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server, aka 'Microsoft Exchange Server Spoofing Vulnerability'.
Page 11 of 12