CVE-2007-0213

Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 does not properly decode certain MIME encoded e-mails, which allows remote attackers to execute arbitrary code via a crafted base64-encoded MIME e-mail message.

CVE-2023-38185

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-21764

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2022-24516

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2021-28481

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-21762

Microsoft Exchange Server Spoofing Vulnerability

CVE-2022-21978

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2023-28310

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2021-41349

Microsoft Exchange Server Spoofing Vulnerability

CVE-2021-1730

A spoofing vulnerability exists in Microsoft Exchange Server which could result in an attack that would allow a malicious actor to impersonate the user.This update addresses this vulnerability.To prevent these types of attacks, Microsoft recommends customers to download inline images from different...

CVE-2023-21706

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-21709

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2020-17141

Microsoft Exchange Remote Code Execution Vulnerability

CVE-2022-21979

Microsoft Exchange Server Information Disclosure Vulnerability

CVE-2019-0724

An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0686.

CVE-2023-36035

Microsoft Exchange Server Spoofing Vulnerability

CVE-2021-28482

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2022-41123

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2023-36778

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-21763

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2023-21761

Microsoft Exchange Server Information Disclosure Vulnerability

CVE-2023-21710

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-36744

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2021-28483

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2020-17143

Microsoft Exchange Server Information Disclosure Vulnerability

CVE-2021-31209

Microsoft Exchange Server Spoofing Vulnerability

CVE-2020-17117

Microsoft Exchange Remote Code Execution Vulnerability

CVE-2021-31198

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-36050

Microsoft Exchange Server Spoofing Vulnerability

CVE-2023-35368

Microsoft Exchange Remote Code Execution Vulnerability

CVE-2020-17142

Microsoft Exchange Remote Code Execution Vulnerability

CVE-2023-36756

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-36757

Microsoft Exchange Server Spoofing Vulnerability

CVE-2020-16969

An information disclosure vulnerability exists in how Microsoft Exchange validates tokens when handling certain messages. An attacker who successfully exploited the vulnerability could use this to gain further information from a user.To exploit the vulnerability, an attacker could include specially...

CVE-2023-35388

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-36039

Microsoft Exchange Server Spoofing Vulnerability

CVE-2018-0986

A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." This affects Windows Defender, Windows Intune Endpo...

CVE-2019-1233

A denial of service vulnerability exists in Microsoft Exchange Server software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Denial of Service Vulnerability'.

CVE-2022-41078

Microsoft Exchange Server Spoofing Vulnerability

CVE-2021-33768

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2019-1266

A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web App (OWA) fails to properly handle web requests, aka 'Microsoft Exchange Spoofing Vulnerability'.

CVE-2023-38181

Microsoft Exchange Server Spoofing Vulnerability

CVE-2022-41079

Microsoft Exchange Server Spoofing Vulnerability

CVE-2021-41348

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2007-0221

Integer overflow in the IMAP (IMAP4) support in Microsoft Exchange Server 2000 SP3 allows remote attackers to cause a denial of service (service hang) via crafted literals in an IMAP command, aka the "IMAP Literal Processing Vulnerability."

CVE-2021-34453

Microsoft Exchange Server Denial of Service Vulnerability

CVE-2019-0686

An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0724.

CVE-2020-0903

A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server, aka 'Microsoft Exchange Server Spoofing Vulnerability'.

CVE-2006-0002

Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP4, Exchange 2000 SP3, and Office allows remote attackers to execute arbitrary code via an e-mail message with a crafted Transport Neutral Encapsulation Format (TNEF) MIME attachment, related to messa...

CVE-2019-1373

A remote code execution vulnerability exists in Microsoft Exchange through the deserialization of metadata via PowerShell, aka 'Microsoft Exchange Remote Code Execution Vulnerability'.