Vulnerabilities > Microsoft > Exchange Server

DATE CVE VULNERABILITY TITLE RISK
2024-11-12 CVE-2024-49040 Unspecified vulnerability in Microsoft Exchange Server 2016/2019
Microsoft Exchange Server Spoofing Vulnerability
network
low complexity
microsoft
7.5
2023-11-14 CVE-2023-36035 Unspecified vulnerability in Microsoft Exchange Server 2016/2019
Microsoft Exchange Server Spoofing Vulnerability
low complexity
microsoft
8.0
2023-11-14 CVE-2023-36039 Unspecified vulnerability in Microsoft Exchange Server 2016/2019
Microsoft Exchange Server Spoofing Vulnerability
low complexity
microsoft
8.0
2023-11-14 CVE-2023-36050 Unspecified vulnerability in Microsoft Exchange Server 2016/2019
Microsoft Exchange Server Spoofing Vulnerability
low complexity
microsoft
8.0
2023-11-14 CVE-2023-36439 Unspecified vulnerability in Microsoft Exchange Server 2016/2019
Microsoft Exchange Server Remote Code Execution Vulnerability
low complexity
microsoft
8.0
2022-01-11 CVE-2022-21969 Unspecified vulnerability in Microsoft Exchange Server 2013/2016/2019
Microsoft Exchange Server Remote Code Execution Vulnerability
low complexity
microsoft
critical
9.0
2020-03-12 CVE-2020-0903 Cross-site Scripting vulnerability in Microsoft Exchange Server 2016/2019
A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server, aka 'Microsoft Exchange Server Spoofing Vulnerability'.
network
low complexity
microsoft CWE-79
5.4
2020-02-11 CVE-2020-0692 Unspecified vulnerability in Microsoft Exchange Server 2013/2016/2019
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'.
network
high complexity
microsoft
8.1
2020-02-11 CVE-2020-0688 Improper Authentication vulnerability in Microsoft Exchange Server
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'.
network
low complexity
microsoft CWE-287
8.8
2019-11-12 CVE-2019-1373 Deserialization of Untrusted Data vulnerability in Microsoft Exchange Server 2013/2016/2019
A remote code execution vulnerability exists in Microsoft Exchange through the deserialization of metadata via PowerShell, aka 'Microsoft Exchange Remote Code Execution Vulnerability'.
network
low complexity
microsoft CWE-502
critical
9.8