CVE-2023-45161

The 1E-Exchange-URLResponseTime instruction that is part of the Network product pack available on the 1E Exchange does not properly validate the URL parameter, which allows for a specially crafted input to perform arbitrary code execution with SYSTEM permissions. This instruction only runs on...

Medium: gnutls

Issue Overview: A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK ke...

August 2012 cumulative time zone update for Windows operating systems

August 2012 cumulative time zone update for Windows operating systems Summary This update supersedes and replaces update 2633952, which was released in December 2011. All additional time zone changes released as hotfixes after update 2633952 are incorporated in this update. If you have already...

CVE-2017-14090

A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which some communications to the update servers are not encrypted...

Microsoft Exchange Information Disclosure Vulnerability

An email filter bypass exists in the way that Microsoft Exchange parses HTML messages that could allow information disclosure. An attacker who successfully exploited the vulnerability could identify, fingerprint, and track a user online if the user views email messages using Outlook Web Access OW...

Special Small Business Server 2003 R2 Detectoid: To be used only by Exchange

This detectoid is being created on the Exchange side to get an update out. Normally this update would be created on the SBS side but there isn't enough time for that to happen...