15905 matches found
CVE-2026-55009
Deserialization of untrusted data in Microsoft Exchange Server allows an authorized attacker to elevate privileges locally...
CVE-2026-55008
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-55006
Insufficient granularity of access control in Microsoft Exchange Server allows an authorized attacker to elevate privileges locally...
CVE-2026-55005
Heap-based buffer overflow in Microsoft Exchange Server allows an authorized attacker to execute code over a network...
CVE-2026-55009 Microsoft Exchange Server Elevation of Privilege Vulnerability
...
CVE-2026-55009 Microsoft Exchange Server Elevation of Privilege Vulnerability
...
CVE-2026-55006 Microsoft Exchange Server Elevation of Privilege Vulnerability
...
CVE-2026-55006 Microsoft Exchange Server Elevation of Privilege Vulnerability
...
CVE-2026-55008 Microsoft Exchange Server Spoofing Vulnerability
...
CVE-2026-55005 Microsoft Exchange Server Remote Code Execution Vulnerability
...
Description of the security update for Microsoft Exchange Server 2019 CU14: July 14, 2026 (KB5103214)
None None...
Description of the security update for Microsoft Exchange Server 2019 CU15: July 14, 2026 (KB5103213)
None None...
Description of the security update for Microsoft Exchange Server Subscription Edition RTM: July 14, 2026 (KB5103212)
None None...
Description of the security update for Microsoft Exchange Server 2016 CU23: July 14, 2026 (KB5103215)
None None...
Microsoft OWA Exchange Server 2003 - 'redir.asp' Open Redirection
Open redirect vulnerability in exchweb/bin/redir.asp in Microsoft Outlook Web Access OWA for Exchange Server 2003 SP2 aka build 6.5.7638 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the URL parameter. id: CVE-2008-1547 info: name:...
Microsoft Exchange - Pre-Auth SSRF / ACL Bypass (ProxyNotFound)
Microsoft Exchange Server contains a remote code execution caused by improper input validation in the server component, letting remote attackers execute arbitrary code, exploit requires network access to the server. id: CVE-2021-28481 info: name: Microsoft Exchange - Pre-Auth SSRF / ACL Bypass...
CVE-2026-50722
A flaw was found in Libreswan's implementation of IKEv2 authentication when processing signatures utilizing the RSASSA-PKCS1-v15 scheme. The RSAauthenticatehashsignaturepkcs115rsa function does not correctly validate the DER encoding of the ASN.1 digest. A remote, unauthenticated attacker could...
CVE-2026-15584
creationtimestamp| type| source ---|---|--- 2026-07-13 13:23:46+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116912883381040364 2026-07-13 13:43:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqjt5kbc6h25 2026-07-13 16:07:28+00:00| seen|...
Microsoft Exchange Server - Cross-Site Scripting
Microsoft Exchange Server, or OWA, is vulnerable to a cross-site scripting vulnerability in refurl parameter of frowny.asp. id: CVE-2021-31195 info: name: Microsoft Exchange Server - Cross-Site Scripting author: infosecsanyam severity: medium description: Microsoft Exchange Server, or OWA, is...
Microsoft Exchange - Pre-Auth SSRF / ACL Bypass (ProxyNotFound)
Microsoft Exchange Server contains a remote code execution caused by improper input validation in the server component, letting remote attackers execute arbitrary code, exploit requires network access to the server. id: CVE-2021-28480 info: name: Microsoft Exchange - Pre-Auth SSRF / ACL Bypass...