Exchange Server Security Vulnerabilities and Issues — Exchange Server CVE List

Lucene search

MicrosoftExchange Server

221 matches found

CVE•added 2021/03/03 12:15 a.m.•2834 views

CVE-2021-26855

Microsoft Exchange Server Remote Code Execution Vulnerability

9.8CVSS9.5AI score0.94337EPSS

In wildWeb

CVE•added 2020/02/11 10:15 p.m.•2600 views

CVE-2020-0688

A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'.

9CVSS8.5AI score0.94351EPSS

In wildWeb

CVE•added 2021/07/14 6:15 p.m.•2208 views

CVE-2021-34473

Microsoft Exchange Server Remote Code Execution Vulnerability

10CVSS9.8AI score0.94264EPSS

In wild

CVE•added 2021/03/03 12:15 a.m.•1962 views

CVE-2021-27065

Microsoft Exchange Server Remote Code Execution Vulnerability

7.8CVSS9.3AI score0.94325EPSS

In wildWeb

CVE•added 2021/03/03 12:15 a.m.•1816 views

CVE-2021-26858

Microsoft Exchange Server Remote Code Execution Vulnerability

7.8CVSS9.3AI score0.76165EPSS

In wild

CVE•added 2021/05/11 7:15 p.m.•1765 views

CVE-2021-31207

Microsoft Exchange Server Security Feature Bypass Vulnerability

6.6CVSS8.2AI score0.9394EPSS

In wild

CVE•added 2021/11/10 1:19 a.m.•1725 views

CVE-2021-42321

Microsoft Exchange Server Remote Code Execution Vulnerability

8.8CVSS9AI score0.93289EPSS

In wildWeb

CVE•added 2021/07/14 6:15 p.m.•1713 views

CVE-2021-34523

Microsoft Exchange Server Elevation of Privilege Vulnerability

9.8CVSS9.6AI score0.94066EPSS

In wild

CVE•added 2021/03/03 12:15 a.m.•1651 views

CVE-2021-26857

Microsoft Exchange Server Remote Code Execution Vulnerability

7.8CVSS9.3AI score0.09641EPSS

In wild

CVE•added 2022/10/03 1:15 a.m.•1541 views

CVE-2022-41040

Microsoft Exchange Server Elevation of Privilege Vulnerability

8.8CVSS8.5AI score0.94229EPSS

In wildWeb

CVE•added 2022/10/03 1:15 a.m.•1469 views

CVE-2022-41082

Microsoft Exchange Server Remote Code Execution Vulnerability

8CVSS8.8AI score0.92188EPSS

In wild

CVE•added 2018/11/14 1:29 a.m.•1154 views

CVE-2018-8581

An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.

7.4CVSS7.4AI score0.91077EPSS

In wild

CVE•added 2021/07/14 6:15 p.m.•1136 views

CVE-2021-33766

Microsoft Exchange Server Information Disclosure Vulnerability

7.5CVSS7AI score0.93553EPSS

In wild

CVE•added 2020/12/10 12:15 a.m.•1120 views

CVE-2020-17144

Microsoft Exchange Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.9271EPSS

In wild

CVE•added 2017/05/26 8:29 p.m.•986 views

CVE-2017-8540

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Excha...

9.3CVSS6.3AI score0.88632EPSS

In wildWeb

CVE•added 2022/11/09 10:15 p.m.•788 views

CVE-2022-41080

Microsoft Exchange Server Elevation of Privilege Vulnerability

9.8CVSS9.3AI score0.93743EPSS

In wild

CVE•added 2024/02/13 6:15 p.m.•605 views

CVE-2024-21410

Microsoft Exchange Server Elevation of Privilege Vulnerability

9.8CVSS9.6AI score0.01511EPSS

In wild

CVE•added 2021/07/14 6:15 p.m.•579 views

CVE-2021-31206

Microsoft Exchange Server Remote Code Execution Vulnerability

8CVSS8.8AI score0.0277EPSS

In wild

CVE•added 2024/11/12 6:15 p.m.•451 views

CVE-2024-49040

Microsoft Exchange Server Spoofing Vulnerability

7.5CVSS7.5AI score0.11226EPSS

CVE•added 2024/03/12 5:15 p.m.•425 views

CVE-2024-26198

Microsoft Exchange Server Remote Code Execution Vulnerability

8.8CVSS9.2AI score0.04459EPSS

CVE•added 2021/07/14 6:15 p.m.•408 views

CVE-2021-31196

Microsoft Exchange Server Remote Code Execution Vulnerability

7.2CVSS8.6AI score0.03916EPSS

In wild

CVE•added 2022/01/11 9:15 p.m.•394 views

CVE-2022-21846

Microsoft Exchange Server Remote Code Execution Vulnerability

9CVSS9.4AI score0.0186EPSS

In wild

CVE•added 2021/04/13 8:15 p.m.•382 views

CVE-2021-28480

Microsoft Exchange Server Remote Code Execution Vulnerability

10CVSS9.3AI score0.67801EPSS

In wild

CVE•added 2021/05/11 7:15 p.m.•367 views

CVE-2021-31195

Microsoft Exchange Server Remote Code Execution Vulnerability

8.8CVSS7.7AI score0.7541EPSS

CVE•added 2020/12/10 12:15 a.m.•351 views

CVE-2020-17132

Microsoft Exchange Remote Code Execution Vulnerability

9.1CVSS9AI score0.84435EPSS

In wild

CVE•added 2022/03/09 5:15 p.m.•336 views

CVE-2022-23277

Microsoft Exchange Server Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.7823EPSS

Web

CVE•added 2008/10/21 1:18 a.m.•332 views

CVE-2008-1547

Open redirect vulnerability in exchweb/bin/redir.asp in Microsoft Outlook Web Access (OWA) for Exchange Server 2003 SP2 (aka build 6.5.7638) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the URL parameter.

4.3CVSS6.6AI score0.58664EPSS

Web

CVE•added 2021/02/25 11:15 p.m.•317 views

CVE-2021-24085

Microsoft Exchange Server Spoofing Vulnerability

6.5CVSS6.2AI score0.18028EPSS

CVE•added 2023/02/14 8:15 p.m.•317 views

CVE-2023-21707

Microsoft Exchange Server Remote Code Execution Vulnerability

8.8CVSS9.3AI score0.609EPSS

CVE•added 2022/01/11 9:15 p.m.•314 views

CVE-2022-21855

Microsoft Exchange Server Remote Code Execution Vulnerability

9CVSS9.4AI score0.01529EPSS

In wild

CVE•added 2020/02/11 10:15 p.m.•308 views

CVE-2020-0692

An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'.

8.1CVSS7.9AI score0.05465EPSS

CVE•added 2021/03/03 12:15 a.m.•308 views

CVE-2021-26412

Microsoft Exchange Server Remote Code Execution Vulnerability

9.1CVSS9AI score0.36546EPSS

CVE•added 2021/07/14 6:15 p.m.•293 views

CVE-2021-34470

Microsoft Exchange Server Elevation of Privilege Vulnerability

8CVSS8.6AI score0.04979EPSS

CVE•added 2020/09/11 5:15 p.m.•286 views

CVE-2020-16875

A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. Exploitation of the vulnerability requires an authenticated u...

9CVSS7.8AI score0.88701EPSS

In wildWeb

CVE•added 2022/01/11 9:15 p.m.•275 views

CVE-2022-21969

Microsoft Exchange Server Remote Code Execution Vulnerability

9CVSS9.4AI score0.00861EPSS

In wild

CVE•added 2021/03/03 12:15 a.m.•271 views

CVE-2021-26854

Microsoft Exchange Server Remote Code Execution Vulnerability

7.2CVSS8.3AI score0.15327EPSS

CVE•added 2023/11/14 6:15 p.m.•263 views

CVE-2023-36439

Microsoft Exchange Server Remote Code Execution Vulnerability

8CVSS7.9AI score0.00984EPSS

CVE•added 2022/08/09 8:15 p.m.•260 views

CVE-2022-21980

Microsoft Exchange Server Elevation of Privilege Vulnerability

8CVSS7.7AI score0.08407EPSS

CVE•added 2022/08/09 8:15 p.m.•255 views

CVE-2022-24477

Microsoft Exchange Server Elevation of Privilege Vulnerability

8CVSS7.7AI score0.06312EPSS

CVE•added 2019/07/15 7:15 p.m.•254 views

CVE-2019-1084

An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to conversations, remain invisib...

6.5CVSS5.3AI score0.06416EPSS

CVE•added 2023/06/14 3:15 p.m.•250 views

CVE-2023-32031

Microsoft Exchange Server Remote Code Execution Vulnerability

8.8CVSS9.1AI score0.49018EPSS

CVE•added 2021/10/13 1:15 a.m.•249 views

CVE-2021-26427

Microsoft Exchange Server Remote Code Execution Vulnerability

9.6CVSS8.4AI score0.0069EPSS

CVE•added 2023/01/10 10:15 p.m.•245 views

CVE-2023-21745

Microsoft Exchange Server Spoofing Vulnerability