VYPR

Exchange Server

by Microsoft

CVEs (233)

  • CVE-2023-28310Jun 14, 2023
    risk 0.01cvss epss 0.25

    Microsoft Exchange Server Remote Code Execution Vulnerability

  • CVE-2023-21710Feb 14, 2023
    risk 0.01cvss epss 0.08

    Microsoft Exchange Server Remote Code Execution Vulnerability

  • CVE-2023-21761Jan 10, 2023
    risk 0.01cvss epss 0.02

    Microsoft Exchange Server Information Disclosure Vulnerability

  • CVE-2022-24516Aug 9, 2022
    risk 0.01cvss epss 0.02

    Microsoft Exchange Server Elevation of Privilege Vulnerability

  • CVE-2022-24477Aug 9, 2022
    risk 0.01cvss epss 0.02

    Microsoft Exchange Server Elevation of Privilege Vulnerability

  • CVE-2022-21980Aug 9, 2022
    risk 0.01cvss epss 0.02

    Microsoft Exchange Server Elevation of Privilege Vulnerability

  • CVE-2022-24463Mar 9, 2022
    risk 0.01cvss epss 0.32

    Microsoft Exchange Server Spoofing Vulnerability

  • CVE-2021-34453Oct 13, 2021
    risk 0.01cvss epss 0.03

    Microsoft Exchange Server Denial of Service Vulnerability

  • CVE-2021-31206Jul 14, 2021
    risk 0.01cvss epss 0.10

    Microsoft Exchange Server Remote Code Execution Vulnerability

  • CVE-2021-24085Feb 25, 2021
    risk 0.01cvss epss 0.05

    Microsoft Exchange Server Spoofing Vulnerability

  • CVE-2019-1373Nov 12, 2019
    risk 0.01cvss epss 0.18

    A remote code execution vulnerability exists in Microsoft Exchange through the deserialization of metadata via PowerShell, aka 'Microsoft Exchange Remote Code Execution Vulnerability'.

  • CVE-2019-1233Sep 11, 2019
    risk 0.01cvss epss 0.06

    A denial of service vulnerability exists in Microsoft Exchange Server software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Denial of Service Vulnerability'.

  • CVE-2019-1084Jul 15, 2019
    risk 0.01cvss epss 0.05

    An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to…

  • CVE-2019-0686Mar 6, 2019
    risk 0.01cvss epss 0.05

    An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0724.

  • CVE-2015-2544Sep 9, 2015
    risk 0.01cvss epss 0.09

    Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 Cumulative Update 8 and 9 and SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, aka "Exchange Spoofing Vulnerability."

  • CVE-2015-2543Sep 9, 2015
    risk 0.01cvss epss 0.09

    Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 Cumulative Update 8 and 9 allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, aka "Exchange Spoofing Vulnerability."

  • CVE-2015-2505Sep 9, 2015
    risk 0.01cvss epss 0.18

    Outlook Web Access (OWA) in Microsoft Exchange Server 2013 Cumulative Update 8 and 9 and SP1 allows remote attackers to obtain sensitive stacktrace information via a crafted request, aka "Exchange Information Disclosure Vulnerability."

  • CVE-2015-2359Jun 10, 2015
    risk 0.01cvss epss 0.11

    Cross-site scripting (XSS) vulnerability in the web applications in Microsoft Exchange Server 2013 Cumulative Update 8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Exchange HTML Injection Vulnerability."

  • CVE-2015-1764Jun 10, 2015
    risk 0.01cvss epss 0.14

    The web applications in Microsoft Exchange Server 2013 SP1 and Cumulative Update 8 allow remote attackers to bypass the Same Origin Policy and send HTTP traffic to intranet servers via a crafted request, related to a Server-Side Request Forgery (SSRF) issue, aka "Exchange…

  • CVE-2015-1632Mar 11, 2015
    risk 0.01cvss epss 0.12

    Cross-site scripting (XSS) vulnerability in errorfe.aspx in Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote attackers to inject arbitrary web script or HTML via the msgParam parameter in an authError action, aka "Exchange Error…

Page 7 of 12