Search
Search Results (251 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-16969 | 1 Microsoft | 1 Exchange Server | 2026-02-23 | 7.1 High |
| <p>An information disclosure vulnerability exists in how Microsoft Exchange validates tokens when handling certain messages. An attacker who successfully exploited the vulnerability could use this to gain further information from a user.</p> <p>To exploit the vulnerability, an attacker could include specially crafted OWA messages that could be loaded, without warning or filtering, from the attacker-controlled URL. This callback vector provides an information disclosure tactic used in web beacons and other types of tracking systems.</p> <p>The security update corrects the way that Exchange handles these token validations.</p> | ||||
| CVE-2020-16875 | 1 Microsoft | 1 Exchange Server | 2026-02-23 | 8.4 High |
| <p>A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments.</p> <p>An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. Exploitation of the vulnerability requires an authenticated user in a certain Exchange role to be compromised.</p> <p>The security update addresses the vulnerability by correcting how Microsoft Exchange handles cmdlet arguments.</p> | ||||
| CVE-2021-31196 | 1 Microsoft | 1 Exchange Server | 2026-01-12 | 7.2 High |
| Microsoft Exchange Server Remote Code Execution Vulnerability | ||||
| CVE-2021-26855 | 1 Microsoft | 1 Exchange Server | 2025-10-30 | 9.1 Critical |
| Microsoft Exchange Server Remote Code Execution Vulnerability | ||||
| CVE-2021-26857 | 1 Microsoft | 1 Exchange Server | 2025-10-30 | 7.8 High |
| Microsoft Exchange Server Remote Code Execution Vulnerability | ||||
| CVE-2021-26858 | 1 Microsoft | 1 Exchange Server | 2025-10-30 | 7.8 High |
| Microsoft Exchange Server Remote Code Execution Vulnerability | ||||
| CVE-2021-27065 | 1 Microsoft | 1 Exchange Server | 2025-10-30 | 7.8 High |
| Microsoft Exchange Server Remote Code Execution Vulnerability | ||||
| CVE-2021-31207 | 1 Microsoft | 1 Exchange Server | 2025-10-30 | 6.6 Medium |
| Microsoft Exchange Server Security Feature Bypass Vulnerability | ||||
| CVE-2022-41080 | 1 Microsoft | 1 Exchange Server | 2025-10-30 | 8.8 High |
| Microsoft Exchange Server Elevation of Privilege Vulnerability | ||||
| CVE-2022-41082 | 1 Microsoft | 1 Exchange Server | 2025-10-30 | 8 High |
| Microsoft Exchange Server Remote Code Execution Vulnerability | ||||
| CVE-2022-41040 | 1 Microsoft | 1 Exchange Server | 2025-10-30 | 8.8 High |
| Microsoft Exchange Server Elevation of Privilege Vulnerability | ||||
| CVE-2021-42321 | 1 Microsoft | 1 Exchange Server | 2025-10-30 | 8.8 High |
| Microsoft Exchange Server Remote Code Execution Vulnerability | ||||
| CVE-2021-34523 | 1 Microsoft | 1 Exchange Server | 2025-10-30 | 9 Critical |
| Microsoft Exchange Server Elevation of Privilege Vulnerability | ||||
| CVE-2023-36777 | 1 Microsoft | 1 Exchange Server | 2025-10-30 | 5.7 Medium |
| Microsoft Exchange Server Information Disclosure Vulnerability | ||||
| CVE-2023-36744 | 1 Microsoft | 1 Exchange Server | 2025-10-30 | 8 High |
| Microsoft Exchange Server Remote Code Execution Vulnerability | ||||
| CVE-2023-36745 | 1 Microsoft | 1 Exchange Server | 2025-10-30 | 8 High |
| Microsoft Exchange Server Remote Code Execution Vulnerability | ||||
| CVE-2023-36756 | 1 Microsoft | 1 Exchange Server | 2025-10-30 | 8 High |
| Microsoft Exchange Server Remote Code Execution Vulnerability | ||||
| CVE-2023-36757 | 1 Microsoft | 1 Exchange Server | 2025-10-30 | 8 High |
| Microsoft Exchange Server Spoofing Vulnerability | ||||
| CVE-2021-33766 | 1 Microsoft | 1 Exchange Server | 2025-10-29 | 7.3 High |
| Microsoft Exchange Server Information Disclosure Vulnerability | ||||
| CVE-2021-34473 | 1 Microsoft | 1 Exchange Server | 2025-10-29 | 9.1 Critical |
| Microsoft Exchange Server Remote Code Execution Vulnerability | ||||