Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Exchange_server
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 216 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-03-12 | CVE-2024-26198 | Microsoft Exchange Server Remote Code Execution Vulnerability | Exchange_server | N/A | ||
| 2024-02-13 | CVE-2024-21410 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Exchange_server | N/A | ||
| 2020-09-11 | CVE-2020-16875 | <p>A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments.</p> <p>An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. Exploitation of the vulnerability requires an authenticated user in a certain Exchange role to be compromised.</p> <p>The security update addresses the vulnerability by correcting how Microsoft Exchange handles cmdlet arguments.</p> | Exchange_server | N/A | ||
| 2020-10-16 | CVE-2020-16969 | <p>An information disclosure vulnerability exists in how Microsoft Exchange validates tokens when handling certain messages. An attacker who successfully exploited the vulnerability could use this to gain further information from a user.</p> <p>To exploit the vulnerability, an attacker could include specially crafted OWA messages that could be loaded, without warning or filtering, from the attacker-controlled URL. This callback vector provides an information disclosure tactic used in web... | Exchange_server | N/A | ||
| 2020-11-11 | CVE-2020-17085 | Microsoft Exchange Server Denial of Service Vulnerability | Exchange_server | N/A | ||
| 2020-11-11 | CVE-2020-17083 | Microsoft Exchange Server Remote Code Execution Vulnerability | Exchange_server | N/A | ||
| 2020-11-11 | CVE-2020-17084 | Microsoft Exchange Server Remote Code Execution Vulnerability | Exchange_server | N/A | ||
| 2020-12-10 | CVE-2020-17117 | Microsoft Exchange Remote Code Execution Vulnerability | Exchange_server | N/A | ||
| 2020-12-10 | CVE-2020-17132 | Microsoft Exchange Remote Code Execution Vulnerability | Exchange_server | N/A | ||
| 2020-12-10 | CVE-2020-17141 | Microsoft Exchange Remote Code Execution Vulnerability | Exchange_server | N/A |