Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Exchange_server
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 213 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-02-13 | CVE-2024-21410 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Exchange_server | 9.8 | ||
| 2021-03-03 | CVE-2021-26855 | Microsoft Exchange Server Remote Code Execution Vulnerability | Exchange_server | 9.1 | ||
| 2020-02-11 | CVE-2020-0688 | A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'. | Exchange_server | 8.8 | ||
| 2021-07-14 | CVE-2021-34523 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Exchange_server | 9.0 | ||
| 2020-09-11 | CVE-2020-16875 | <p>A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments.</p> <p>An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. Exploitation of the vulnerability requires an authenticated user in a certain Exchange role to be compromised.</p> <p>The security update addresses the vulnerability by correcting how Microsoft Exchange handles cmdlet arguments.</p> | Exchange_server | 8.4 | ||
| 2020-10-16 | CVE-2020-16969 | <p>An information disclosure vulnerability exists in how Microsoft Exchange validates tokens when handling certain messages. An attacker who successfully exploited the vulnerability could use this to gain further information from a user.</p> <p>To exploit the vulnerability, an attacker could include specially crafted OWA messages that could be loaded, without warning or filtering, from the attacker-controlled URL. This callback vector provides an information disclosure tactic used in web... | Exchange_server | 7.1 | ||
| 2020-11-11 | CVE-2020-17083 | Microsoft Exchange Server Remote Code Execution Vulnerability | Exchange_server | 5.5 | ||
| 2020-11-11 | CVE-2020-17084 | Microsoft Exchange Server Remote Code Execution Vulnerability | Exchange_server | 8.5 | ||
| 2020-11-11 | CVE-2020-17085 | Microsoft Exchange Server Denial of Service Vulnerability | Exchange_server | 6.2 | ||
| 2020-12-10 | CVE-2020-17117 | Microsoft Exchange Remote Code Execution Vulnerability | Exchange_server | 6.6 |