Vulnerabilities > Microsoft > Exchange Server
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-11 | CVE-2020-0692 | Unspecified vulnerability in Microsoft Exchange Server 2013/2016/2019 An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. | 8.1 |
| 2020-02-11 | CVE-2020-0688 | Improper Authentication vulnerability in Microsoft Exchange Server A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'. | 8.8 |
| 2019-11-12 | CVE-2019-1373 | Deserialization of Untrusted Data vulnerability in Microsoft Exchange Server 2013/2016/2019 A remote code execution vulnerability exists in Microsoft Exchange through the deserialization of metadata via PowerShell, aka 'Microsoft Exchange Remote Code Execution Vulnerability'. | 9.8 |
| 2019-09-11 | CVE-2019-1266 | Cross-site Scripting vulnerability in Microsoft Exchange Server 2016/2019 A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web App (OWA) fails to properly handle web requests, aka 'Microsoft Exchange Spoofing Vulnerability'. | 6.1 |
| 2019-09-11 | CVE-2019-1233 | Unspecified vulnerability in Microsoft Exchange Server 2016/2019 A denial of service vulnerability exists in Microsoft Exchange Server software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Denial of Service Vulnerability'. | 7.5 |
| 2019-07-15 | CVE-2019-1137 | Cross-site Scripting vulnerability in Microsoft Exchange Server 2013/2016/2019 A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server, aka 'Microsoft Exchange Server Spoofing Vulnerability'. | 5.4 |
| 2019-07-15 | CVE-2019-1136 | Unspecified vulnerability in Microsoft Exchange Server 2010/2013 An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. | 8.1 |
| 2019-07-15 | CVE-2019-1084 | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. | 6.5 |
| 2019-04-09 | CVE-2019-0858 | Cross-site Scripting vulnerability in Microsoft Exchange Server 2013/2016/2019 A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests, aka 'Microsoft Exchange Spoofing Vulnerability'. | 6.1 |
| 2019-04-09 | CVE-2019-0817 | Data Processing Errors vulnerability in Microsoft Exchange Server A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests, aka 'Microsoft Exchange Spoofing Vulnerability'. | 5.4 |