Exchange Server Security Vulnerabilities and Issues — Exchange Server CVE List

Lucene search

MicrosoftExchange Server

25 matches found

CVE•added 2021/03/03 12:15 a.m.•2797 views

CVE-2021-26855

Microsoft Exchange Server Remote Code Execution Vulnerability

9.8CVSS9.5AI score0.9438EPSS

CVE•added 2020/02/11 10:15 p.m.•2565 views

CVE-2020-0688

A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'.

9CVSS8.5AI score0.94418EPSS

CVE•added 2021/07/14 6:15 p.m.•1606 views

CVE-2021-34523

Microsoft Exchange Server Elevation of Privilege Vulnerability

9.8CVSS9.6AI score0.93986EPSS

CVE•added 2017/05/26 8:29 p.m.•957 views

CVE-2017-8540

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Excha...

9.3CVSS6.3AI score0.88632EPSS

CVE•added 2022/11/09 10:15 p.m.•759 views

CVE-2022-41080

Microsoft Exchange Server Elevation of Privilege Vulnerability

9.8CVSS9.3AI score0.93743EPSS

CVE•added 2024/02/13 6:15 p.m.•577 views

CVE-2024-21410

Microsoft Exchange Server Elevation of Privilege Vulnerability

9.8CVSS9.6AI score0.01511EPSS

CVE•added 2022/01/11 9:15 p.m.•368 views

CVE-2022-21846

Microsoft Exchange Server Remote Code Execution Vulnerability

9CVSS9.4AI score0.0186EPSS

CVE•added 2020/12/10 12:15 a.m.•323 views

CVE-2020-17132

Microsoft Exchange Remote Code Execution Vulnerability

9.1CVSS9AI score0.84091EPSS

CVE•added 2021/03/03 12:15 a.m.•308 views

CVE-2021-26412

Microsoft Exchange Server Remote Code Execution Vulnerability

9.1CVSS9AI score0.36546EPSS

CVE•added 2022/01/11 9:15 p.m.•287 views

CVE-2022-21855

Microsoft Exchange Server Remote Code Execution Vulnerability

9CVSS9.4AI score0.01529EPSS

CVE•added 2020/09/11 5:15 p.m.•260 views

CVE-2020-16875

A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. Exploitation of the vulnerability requires an authenticated u...

9CVSS7.8AI score0.88701EPSS

CVE•added 2021/10/13 1:15 a.m.•249 views

CVE-2021-26427

Microsoft Exchange Server Remote Code Execution Vulnerability

9.6CVSS8.4AI score0.0055EPSS

CVE•added 2022/01/11 9:15 p.m.•246 views

CVE-2022-21969

Microsoft Exchange Server Remote Code Execution Vulnerability

9CVSS9.4AI score0.00861EPSS

CVE•added 2021/03/03 12:15 a.m.•224 views

CVE-2021-27078

Microsoft Exchange Server Remote Code Execution Vulnerability

9.1CVSS9AI score0.46089EPSS

CVE•added 2023/08/08 6:15 p.m.•191 views

CVE-2023-21709

Microsoft Exchange Server Elevation of Privilege Vulnerability

9.8CVSS9.3AI score0.03581EPSS

CVE•added 2019/03/06 12:0 a.m.•183 views

CVE-2019-0724

An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0686.

9.3CVSS7.5AI score0.59226EPSS

CVE•added 2021/04/13 8:15 p.m.•172 views

CVE-2021-28482

Microsoft Exchange Server Remote Code Execution Vulnerability

9CVSS9.3AI score0.58738EPSS

CVE•added 2021/04/13 8:15 p.m.•157 views

CVE-2021-28483

Microsoft Exchange Server Remote Code Execution Vulnerability

9CVSS9.3AI score0.00583EPSS

CVE•added 2020/12/10 12:15 a.m.•152 views

CVE-2020-17117

Microsoft Exchange Remote Code Execution Vulnerability

9CVSS7.8AI score0.05815EPSS

CVE•added 2020/12/10 12:15 a.m.•147 views

CVE-2020-17142

Microsoft Exchange Remote Code Execution Vulnerability

9.1CVSS9AI score0.02344EPSS

CVE•added 2018/04/04 5:29 p.m.•138 views

CVE-2018-0986

A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." This affects Windows Defender, Windows Intune Endpo...

9.3CVSS8.7AI score0.76022EPSS

CVE•added 2020/11/11 7:15 a.m.•115 views

CVE-2020-17084

Microsoft Exchange Server Remote Code Execution Vulnerability

9CVSS9.3AI score0.01917EPSS

CVE•added 2019/11/12 7:15 p.m.•114 views

CVE-2019-1373

A remote code execution vulnerability exists in Microsoft Exchange through the deserialization of metadata via PowerShell, aka 'Microsoft Exchange Remote Code Execution Vulnerability'.

9.8CVSS9.7AI score0.12497EPSS

CVE•added 2018/10/10 1:29 p.m.•97 views

CVE-2018-8265

A remote code execution vulnerability exists in the way Microsoft Exchange software parses specially crafted email messages, aka "Microsoft Exchange Remote Code Execution Vulnerability." This affects Microsoft Exchange Server.

9.3CVSS7.8AI score0.18296EPSS

CVE•added 2009/02/10 10:30 p.m.•76 views

CVE-2009-0098

Microsoft Exchange 2000 Server SP3, Exchange Server 2003 SP2, and Exchange Server 2007 SP1 do not properly interpret Transport Neutral Encapsulation (TNEF) properties, which allows remote attackers to execute arbitrary code via a crafted TNEF message, aka "Memory Corruption Vulnerability."

9.3CVSS7.5AI score0.57971EPSS