VYPR

Exchange Server

by Microsoft

CVEs (233)

  • CVE-2016-0138MedSep 14, 2016
    risk 0.29cvss 4.3epss 0.13

    Microsoft Exchange Server 2007 SP3, 2010 SP3, 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 misparses e-mail messages, which allows remote authenticated users to obtain sensitive Outlook application…

  • CVE-2022-41082KEVOct 3, 2022
    risk 0.28cvss epss 1.00

    Microsoft Exchange Server Remote Code Execution Vulnerability

  • CVE-2021-42321KEVNov 10, 2021
    risk 0.28cvss epss 0.90

    Microsoft Exchange Server Remote Code Execution Vulnerability

  • CVE-2018-8374MedAug 15, 2018
    risk 0.28cvss 4.3epss 0.03

    A tampering vulnerability exists when Microsoft Exchange Server fails to properly handle profile data, aka "Microsoft Exchange Server Tampering Vulnerability." This affects Microsoft Exchange Server.

  • CVE-2022-41080KEVNov 9, 2022
    risk 0.26cvss epss 0.77

    Microsoft Exchange Server Elevation of Privilege Vulnerability

  • CVE-2018-8581KEVNov 14, 2018
    risk 0.25cvss epss 0.28

    An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.

  • CVE-2021-26858KEVMar 2, 2021
    risk 0.24cvss epss 0.90

    Microsoft Exchange Server Remote Code Execution Vulnerability

  • CVE-2021-26857KEVMar 2, 2021
    risk 0.21cvss epss 0.94

    Microsoft Exchange Server Remote Code Execution Vulnerability

  • CVE-2021-33766KEVJul 14, 2021
    risk 0.20cvss epss 0.97

    Microsoft Exchange Server Information Disclosure Vulnerability

  • CVE-2020-17144KEVDec 9, 2020
    risk 0.19cvss epss 0.37

    Microsoft Exchange Remote Code Execution Vulnerability

  • CVE-2024-21410KEVFeb 13, 2024
    risk 0.12cvss epss 0.13

    Microsoft Exchange Server Elevation of Privilege Vulnerability

  • CVE-2021-31196KEVJul 14, 2021
    risk 0.12cvss epss 0.46

    Microsoft Exchange Server Remote Code Execution Vulnerability

  • CVE-2020-16875Sep 11, 2020
    risk 0.10cvss epss 0.47

    A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. Exploitation of the…

  • CVE-2022-23277Mar 9, 2022
    risk 0.09cvss epss 0.41

    Microsoft Exchange Server Remote Code Execution Vulnerability

  • CVE-2006-0027May 10, 2006
    risk 0.09cvss epss 0.79

    Unspecified vulnerability in Microsoft Exchange allows remote attackers to execute arbitrary code via e-mail messages with crafted (1) vCal or (2) iCal Calendar properties.

  • CVE-2005-0560May 2, 2005
    risk 0.09cvss epss 0.69

    Heap-based buffer overflow in the SvrAppendReceivedChunk function in xlsasink.dll in the SMTP service of Exchange Server 2000 and 2003 allows remote attackers to execute arbitrary code via a crafted X-LINK2STATE extended verb request to the SMTP port.

  • CVE-2003-0714Nov 17, 2003
    risk 0.09cvss epss 0.76

    The Internet Mail Service in Exchange Server 5.5 and Exchange 2000 allows remote attackers to cause a denial of service (memory exhaustion) by directly connecting to the SMTP service and sending a certain extended verb request, possibly triggering a buffer overflow in Exchange…

  • CVE-2019-0724Mar 6, 2019
    risk 0.08cvss epss 0.24

    An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0686.

  • CVE-2007-0213May 8, 2007
    risk 0.08cvss epss 0.66

    Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 does not properly decode certain MIME encoded e-mails, which allows remote attackers to execute arbitrary code via a crafted base64-encoded MIME e-mail message.

  • CVE-2004-0574Nov 3, 2004
    risk 0.08cvss epss 0.68

    The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper…

Page 4 of 12