Exchange Server Security Vulnerabilities and Issues — Exchange Server CVE List

Lucene search

MicrosoftExchange Server

216 matches found

CVE•added 2021/03/03 12:15 a.m.•2795 views

CVE-2021-26855

Microsoft Exchange Server Remote Code Execution Vulnerability

9.8CVSS9.5AI score0.9438EPSS

CVE•added 2020/02/11 10:15 p.m.•2561 views

CVE-2020-0688

A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'.

9CVSS8.5AI score0.94418EPSS

CVE•added 2021/07/14 6:15 p.m.•2098 views

CVE-2021-34473

Microsoft Exchange Server Remote Code Execution Vulnerability

10CVSS9.8AI score0.94236EPSS

CVE•added 2021/03/03 12:15 a.m.•1926 views

CVE-2021-27065

Microsoft Exchange Server Remote Code Execution Vulnerability

7.8CVSS9.3AI score0.94366EPSS

CVE•added 2021/03/03 12:15 a.m.•1780 views

CVE-2021-26858

Microsoft Exchange Server Remote Code Execution Vulnerability

7.8CVSS9.3AI score0.85282EPSS

CVE•added 2021/11/10 1:19 a.m.•1695 views

CVE-2021-42321

Microsoft Exchange Server Remote Code Execution Vulnerability

8.8CVSS9AI score0.93507EPSS

CVE•added 2021/05/11 7:15 p.m.•1656 views

CVE-2021-31207

Microsoft Exchange Server Security Feature Bypass Vulnerability

6.6CVSS8.2AI score0.9393EPSS

CVE•added 2021/03/03 12:15 a.m.•1616 views

CVE-2021-26857

Microsoft Exchange Server Remote Code Execution Vulnerability

7.8CVSS9.3AI score0.09045EPSS

CVE•added 2021/07/14 6:15 p.m.•1604 views

CVE-2021-34523

Microsoft Exchange Server Elevation of Privilege Vulnerability

9.8CVSS9.6AI score0.94132EPSS

CVE•added 2022/10/03 1:15 a.m.•1513 views

CVE-2022-41040

Microsoft Exchange Server Elevation of Privilege Vulnerability

8.8CVSS8.5AI score0.94229EPSS

CVE•added 2022/10/03 1:15 a.m.•1441 views

CVE-2022-41082

Microsoft Exchange Server Remote Code Execution Vulnerability

8CVSS8.8AI score0.91964EPSS

CVE•added 2018/11/14 1:29 a.m.•1121 views

CVE-2018-8581

An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.

7.4CVSS7.4AI score0.90869EPSS

CVE•added 2021/07/14 6:15 p.m.•1105 views

CVE-2021-33766

Microsoft Exchange Server Information Disclosure Vulnerability

7.5CVSS7AI score0.93553EPSS

CVE•added 2020/12/10 12:15 a.m.•1088 views

CVE-2020-17144

Microsoft Exchange Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.9206EPSS

CVE•added 2017/05/26 8:29 p.m.•955 views

CVE-2017-8540

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Excha...

9.3CVSS6.3AI score0.88632EPSS

CVE•added 2022/11/09 10:15 p.m.•757 views

CVE-2022-41080

Microsoft Exchange Server Elevation of Privilege Vulnerability

9.8CVSS9.3AI score0.93743EPSS

CVE•added 2024/02/13 6:15 p.m.•575 views

CVE-2024-21410

Microsoft Exchange Server Elevation of Privilege Vulnerability

9.8CVSS9.6AI score0.01511EPSS

CVE•added 2021/07/14 6:15 p.m.•548 views

CVE-2021-31206

Microsoft Exchange Server Remote Code Execution Vulnerability

8CVSS8.8AI score0.04112EPSS

CVE•added 2024/11/12 6:15 p.m.•449 views

CVE-2024-49040

Microsoft Exchange Server Spoofing Vulnerability

7.5CVSS7.5AI score0.08096EPSS

CVE•added 2024/03/12 5:15 p.m.•423 views

CVE-2024-26198

Microsoft Exchange Server Remote Code Execution Vulnerability

8.8CVSS9.2AI score0.0376EPSS

CVE•added 2021/07/14 6:15 p.m.•376 views

CVE-2021-31196

Microsoft Exchange Server Remote Code Execution Vulnerability

7.2CVSS8.6AI score0.03916EPSS

CVE•added 2022/01/11 9:15 p.m.•366 views

CVE-2022-21846

Microsoft Exchange Server Remote Code Execution Vulnerability

9CVSS9.4AI score0.0186EPSS

CVE•added 2021/04/13 8:15 p.m.•353 views

CVE-2021-28480

Microsoft Exchange Server Remote Code Execution Vulnerability

10CVSS9.3AI score0.67801EPSS

CVE•added 2021/05/11 7:15 p.m.•346 views

CVE-2021-31195

Microsoft Exchange Server Remote Code Execution Vulnerability

8.8CVSS7.7AI score0.7541EPSS

CVE•added 2022/03/09 5:15 p.m.•334 views

CVE-2022-23277

Microsoft Exchange Server Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.7299EPSS

CVE•added 2008/10/21 1:18 a.m.•328 views

CVE-2008-1547

Open redirect vulnerability in exchweb/bin/redir.asp in Microsoft Outlook Web Access (OWA) for Exchange Server 2003 SP2 (aka build 6.5.7638) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the URL parameter.

4.3CVSS6.6AI score0.65006EPSS

CVE•added 2020/12/10 12:15 a.m.•321 views

CVE-2020-17132

Microsoft Exchange Remote Code Execution Vulnerability

9.1CVSS9AI score0.84091EPSS

CVE•added 2021/02/25 11:15 p.m.•315 views

CVE-2021-24085

Microsoft Exchange Server Spoofing Vulnerability

6.5CVSS6.2AI score0.18028EPSS

CVE•added 2023/02/14 8:15 p.m.•314 views

CVE-2023-21707

Microsoft Exchange Server Remote Code Execution Vulnerability

8.8CVSS9.3AI score0.609EPSS

CVE•added 2021/03/03 12:15 a.m.•308 views

CVE-2021-26412

Microsoft Exchange Server Remote Code Execution Vulnerability

9.1CVSS9AI score0.3741EPSS

CVE•added 2020/02/11 10:15 p.m.•307 views

CVE-2020-0692

An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'.

8.1CVSS7.9AI score0.05465EPSS

CVE•added 2021/07/14 6:15 p.m.•290 views

CVE-2021-34470

Microsoft Exchange Server Elevation of Privilege Vulnerability

8CVSS8.6AI score0.04979EPSS

CVE•added 2022/01/11 9:15 p.m.•285 views

CVE-2022-21855

Microsoft Exchange Server Remote Code Execution Vulnerability

9CVSS9.4AI score0.01529EPSS

CVE•added 2021/03/03 12:15 a.m.•270 views

CVE-2021-26854

Microsoft Exchange Server Remote Code Execution Vulnerability

7.2CVSS8.3AI score0.17619EPSS

CVE•added 2023/11/14 6:15 p.m.•262 views

CVE-2023-36439

Microsoft Exchange Server Remote Code Execution Vulnerability

8CVSS7.9AI score0.00984EPSS

CVE•added 2022/08/09 8:15 p.m.•260 views

CVE-2022-21980

Microsoft Exchange Server Elevation of Privilege Vulnerability

8CVSS7.7AI score0.08407EPSS

CVE•added 2020/09/11 5:15 p.m.•258 views

CVE-2020-16875

A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. Exploitation of the vulnerability requires an authenticated u...

9CVSS7.8AI score0.88701EPSS

CVE•added 2022/08/09 8:15 p.m.•255 views

CVE-2022-24477

Microsoft Exchange Server Elevation of Privilege Vulnerability

8CVSS7.7AI score0.06312EPSS

CVE•added 2019/07/15 7:15 p.m.•253 views

CVE-2019-1084

An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to conversations, remain invisib...

6.5CVSS5.3AI score0.07824EPSS

CVE•added 2021/10/13 1:15 a.m.•249 views

CVE-2021-26427

Microsoft Exchange Server Remote Code Execution Vulnerability

9.6CVSS8.4AI score0.0055EPSS

CVE•added 2023/06/14 3:15 p.m.•247 views

CVE-2023-32031

Microsoft Exchange Server Remote Code Execution Vulnerability

8.8CVSS9.1AI score0.49018EPSS

CVE•added 2022/01/11 9:15 p.m.•244 views

CVE-2022-21969

Microsoft Exchange Server Remote Code Execution Vulnerability

9CVSS9.4AI score0.00861EPSS

CVE•added 2021/11/10 1:19 a.m.•242 views

CVE-2021-42305

Microsoft Exchange Server Spoofing Vulnerability

6.5CVSS6.5AI score0.10058EPSS

CVE•added 2023/01/10 10:15 p.m.•242 views

CVE-2023-21745

Microsoft Exchange Server Spoofing Vulnerability

8CVSS7.6AI score0.0017EPSS

CVE•added 2022/08/09 8:15 p.m.•237 views

CVE-2022-30134

Microsoft Exchange Server Information Disclosure Vulnerability

6.5CVSS7.1AI score0.02141EPSS

CVE•added 2022/03/09 5:15 p.m.•236 views

CVE-2022-24463

Microsoft Exchange Server Spoofing Vulnerability

6.5CVSS6.6AI score0.15029EPSS

CVE•added 2023/02/14 8:15 p.m.•234 views

CVE-2023-21529

Microsoft Exchange Server Remote Code Execution Vulnerability

8.8CVSS9.3AI score0.14582EPSS

CVE•added 2023/08/08 6:15 p.m.•227 views

CVE-2023-38182

Microsoft Exchange Server Remote Code Execution Vulnerability

8CVSS8.6AI score0.0311EPSS

CVE•added 2021/03/03 12:15 a.m.•224 views

CVE-2021-27078

Microsoft Exchange Server Remote Code Execution Vulnerability

9.1CVSS9AI score0.46978EPSS

CVE•added 2007/05/08 11:19 p.m.•219 views

CVE-2007-0213

Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 does not properly decode certain MIME encoded e-mails, which allows remote attackers to execute arbitrary code via a crafted base64-encoded MIME e-mail message.

10CVSS7.3AI score0.81906EPSS

Total number of security vulnerabilities216