Exchange Server Security Vulnerabilities and Issues — Exchange Server CVE List

cve

CVE-2009-0098

Microsoft Exchange 2000 Server SP3, Exchange Server 2003 SP2, and Exchange Server 2007 SP1 do not properly interpret Transport Neutral Encapsulation (TNEF) properties, which allows remote attackers to execute arbitrary code via a crafted TNEF message, aka "Memory Corruption Vulnerability."

7.5AI Score

0.552EPSS

2009-02-10 10:30 PM

59

cve

CVE-2018-8154

A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka "Microsoft Exchange Memory Corruption Vulnerability." This affects Microsoft Exchange Server. This CVE ID is unique from CVE-2018-8151.

9.8CVSS

6.9AI Score

0.1EPSS

2018-05-09 07:29 PM

77

cve

CVE-2018-8302

A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka "Microsoft Exchange Memory Corruption Vulnerability." This affects Microsoft Exchange Server.

9.8CVSS

9.4AI Score

0.548EPSS

2018-08-15 05:29 PM

66

cve

CVE-2019-0586

A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka "Microsoft Exchange Memory Corruption Vulnerability." This affects Microsoft Exchange Server.

9.8CVSS

9.4AI Score

0.362EPSS

2019-01-08 09:29 PM

80

cve

CVE-2019-1373

A remote code execution vulnerability exists in Microsoft Exchange through the deserialization of metadata via PowerShell, aka 'Microsoft Exchange Remote Code Execution Vulnerability'.

9.8CVSS

9.7AI Score

0.045EPSS

2019-11-12 07:15 PM

96

cve

CVE-2020-17132

Microsoft Exchange Remote Code Execution Vulnerability

9.1CVSS

8.9AI Score

0.034EPSS

2020-12-10 12:15 AM