27 matches found
CVE-2025-58107
In Microsoft Exchange through 2019, Exchange ActiveSync EAS configurations on on-premises servers may transmit sensitive data from Samsung mobile devices in cleartext, including the user's name, e-mail address, device ID, bearer token, and base64-encoded password...
EUVD-2025-208168
In Microsoft Exchange through 2019, Exchange ActiveSync EAS configurations on on-premises servers may transmit sensitive data from Samsung mobile devices in cleartext, including the user's name, e-mail address, device ID, bearer token, and base64-encoded password...
CVE-2025-58107
In Microsoft Exchange through 2019, Exchange ActiveSync EAS configurations on on-premises servers may transmit sensitive data from Samsung mobile devices in cleartext, including the user's name, e-mail address, device ID, bearer token, and base64-encoded password...
PT-2026-22591
Name of the Vulnerable Software and Affected Versions Microsoft Exchange versions prior to 2020 Description Exchange ActiveSync EAS configurations on on-premises servers may transmit sensitive data in cleartext from Samsung mobile devices. This data includes the user's name, email address, device...
Microsoft Exchange 安全漏洞
Microsoft Exchange is an enterprise-level email server provided by the American company Microsoft. Microsoft Exchange 2019 and earlier versions have a security vulnerability. This vulnerability stems from the fact that the Exchange ActiveSync configuration on local servers may transmit sensitive...
CVE-2025-58107
In Microsoft Exchange through 2019, Exchange ActiveSync EAS configurations on on-premises servers may transmit sensitive data from Samsung mobile devices in cleartext, including the user's name, e-mail address, device ID, bearer token, and base64-encoded password...
EUVD-2016-3497
Malware in sbrugna...
EUVD-2009-1674
Malware in sbrugna...
EUVD-2017-16126
Malware in sbrugna...
CVE-2016-11043
An issue was discovered on Samsung mobile devices with M6.0 software. The S/MIME implementation in EAS uses DES where 3DES is intended. The Samsung ID is SVE-2016-5871 June 2016...
Unspecified Vulnerability in Apple iOS Exchange ActiveSync
Apple iOS is an operating system developed by Apple for mobile devices.Exchange ActiveSync is one of the Microsoft Exchange synchronization protocols. A security vulnerability exists in the Exchange ActiveSync component in Apple iOS versions prior to 12.2. No details of the vulnerability are...
The vulnerability of the Exchange ActiveSync component of the iOS operating system allows a hacker to delete data from the device.
The vulnerability of the Exchange ActiveSync component of the iOS operating system is related to improper handling of permissions during account setup. Exploiting this vulnerability allows a malicious actor to delete data from the device during account setup, by capturing the open AutoDiscover V1...
CVE-2017-7088
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Exchange ActiveSync" component. It allows remote attackers to erase a device in opportunistic circumstances by hijacking a cleartext AutoDiscover V1 session during the setup of an Exchange accoun...
Buffer overflow
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Exchange ActiveSync" component. It allows remote attackers to erase a device in opportunistic circumstances by hijacking a cleartext AutoDiscover V1 session during the setup of an Exchange accoun...
CVE-2017-7088
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Exchange ActiveSync" component. It allows remote attackers to erase a device in opportunistic circumstances by hijacking a cleartext AutoDiscover V1 session during the setup of an Exchange accoun...
CVE-2017-7088
The CVE-2017-7088 entry affects iOS prior to 11 in the Exchange ActiveSync (EAS) AutoDiscover V1 workflow. Root cause: a vulnerability allowing an attacker who can observe the AutoDiscover V1 session to hijack a cleartext exchange during Exchange account setup, enabling the attacker to erase the ...
Apple iOS Exchange ActiveSync Authentication Vulnerability
Apple iOS is an operating system developed by Apple for mobile devices.Exchange ActiveSync is one of the Microsoft Exchange synchronization protocols. A security vulnerability exists in the Exchange ActiveSync component in versions of Apple iOS prior to 11. A remote attacker can exploit this...
CVE-2016-2415
exchange/eas/EasAutoDiscover.java in the Autodiscover implementation in Exchange ActiveSync in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to obtain sensitive information via a crafted application that triggers a spoofed response to a GET request, ak...
Design/Logic Flaw
exchange/eas/EasAutoDiscover.java in the Autodiscover implementation in Exchange ActiveSync in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to obtain sensitive information via a crafted application that triggers a spoofed response to a GET request, ak...
CVE-2016-2415
exchange/eas/EasAutoDiscover.java in the Autodiscover implementation in Exchange ActiveSync in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to obtain sensitive information via a crafted application that triggers a spoofed response to a GET request, ak...