Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Microsoft Subscribe
Filtered by product Exchange Server
Total 239 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-2359 1 Microsoft 1 Exchange Server 2025-04-12 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the web applications in Microsoft Exchange Server 2013 Cumulative Update 8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Exchange HTML Injection Vulnerability."
CVE-2016-3378 1 Microsoft 1 Exchange Server 2025-04-12 5.8 MEDIUM 7.4 HIGH
Open redirect vulnerability in Microsoft Exchange Server 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka "Microsoft Exchange Open Redirect Vulnerability."
CVE-2016-0029 1 Microsoft 1 Exchange Server 2025-04-12 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2016 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Exchange Spoofing Vulnerability," a different vulnerability than CVE-2016-0031.
CVE-2016-3379 1 Microsoft 1 Exchange Server 2025-04-12 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2016 Cumulative Update 1 and 2 allows remote attackers to inject arbitrary web script or HTML via a meeting-invitation request, aka "Microsoft Exchange Elevation of Privilege Vulnerability."
CVE-2021-31198 1 Microsoft 1 Exchange Server 2025-02-28 6.8 MEDIUM 7.8 HIGH
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2020-0903 1 Microsoft 1 Exchange Server 2025-02-28 3.5 LOW 5.4 MEDIUM
A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server, aka 'Microsoft Exchange Server Spoofing Vulnerability'.
CVE-2021-31209 1 Microsoft 1 Exchange Server 2025-02-28 5.8 MEDIUM 6.5 MEDIUM
Microsoft Exchange Server Spoofing Vulnerability
CVE-2021-31195 1 Microsoft 1 Exchange Server 2025-02-28 6.8 MEDIUM 6.5 MEDIUM
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2022-21978 1 Microsoft 1 Exchange Server 2025-01-02 7.2 HIGH 8.2 HIGH
Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2024-26198 1 Microsoft 1 Exchange Server 2024-12-06 N/A 8.8 HIGH
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-38185 1 Microsoft 1 Exchange Server 2024-11-21 N/A 8.8 HIGH
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-38182 1 Microsoft 1 Exchange Server 2024-11-21 N/A 8.0 HIGH
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-38181 1 Microsoft 1 Exchange Server 2024-11-21 N/A 8.8 HIGH
Microsoft Exchange Server Spoofing Vulnerability
CVE-2023-36778 1 Microsoft 1 Exchange Server 2024-11-21 N/A 8.0 HIGH
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-36777 1 Microsoft 1 Exchange Server 2024-11-21 N/A 5.7 MEDIUM
Microsoft Exchange Server Information Disclosure Vulnerability
CVE-2023-36757 1 Microsoft 1 Exchange Server 2024-11-21 N/A 8.0 HIGH
Microsoft Exchange Server Spoofing Vulnerability
CVE-2023-36756 1 Microsoft 1 Exchange Server 2024-11-21 N/A 8.0 HIGH
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-36745 1 Microsoft 1 Exchange Server 2024-11-21 N/A 8.0 HIGH
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-36744 1 Microsoft 1 Exchange Server 2024-11-21 N/A 8.0 HIGH
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-36439 1 Microsoft 1 Exchange Server 2024-11-21 N/A 8.0 HIGH
Microsoft Exchange Server Remote Code Execution Vulnerability