Vulnerabilities (CVE)

Vendor filter

Microsoft Subscribe

Product filter

Exchange Server Subscribe

Filter

117 total CVE
CVE Vendors Products Updated CVSS
CVE-2005-0044 1 Microsoft 7 Windows 98, Windows 2003 Server, Windows 98se and 4 more 2019-04-30 7.5
The OLE component in Windows 98, 2000, XP, and Server 2003, and Exchange Server 5.0 through 2003, does not properly validate the lengths of messages for certain OLE data, which allows remote attackers to execute arbitrary code, aka the "Input...
CVE-2002-0055 1 Microsoft 3 Windows Xp, Exchange Server, Windows 2000 2019-04-30 5.0
SMTP service in Microsoft Windows 2000, Windows XP Professional, and Exchange 2000 allows remote attackers to cause a denial of service via a command with a malformed data transfer (BDAT) request.
CVE-2004-0574 1 Microsoft 4 Windows Nt, Exchange Server, Windows 2003 Server and 1 more 2019-04-30 10.0
The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns,...
CVE-2002-0054 1 Microsoft 2 Exchange Server, Windows 2000 2019-04-30 7.5
SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange Server 5.5 does not properly handle responses to NTLM authentication, which allows remote attackers to perform mail relaying via an SMTP AUTH command...
CVE-2019-0817 1 Microsoft 1 Exchange Server 2019-04-11 5.8
A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests, aka 'Microsoft Exchange Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-0858.
CVE-2019-0858 1 Microsoft 1 Exchange Server 2019-04-11 4.3
A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests, aka 'Microsoft Exchange Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-0817.
CVE-2017-8537 1 Microsoft 9 Windows Defender, Forefront Security, Malware Protection Engine and 6 more 2019-03-19 4.3
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511,...
CVE-2017-8536 1 Microsoft 9 Windows Defender, Forefront Security, Malware Protection Engine and 6 more 2019-03-19 4.3
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511,...
CVE-2017-8535 1 Microsoft 9 Windows Defender, Forefront Security, Malware Protection Engine and 6 more 2019-03-19 4.3
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511,...
CVE-2019-0686 1 Microsoft 1 Exchange Server 2019-03-06 5.8
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0724.
CVE-2019-0724 1 Microsoft 1 Exchange Server 2019-03-06 9.3
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0686.
CVE-2010-0025 1 Microsoft 6 Windows 2003 Server, Windows Server 2008, Windows Xp and 3 more 2019-02-26 5.0
The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Server 2008 Gold, SP2, and R2, and Exchange Server 2000 SP3, does not properly allocate memory for SMTP command replies, which allows remote attackers to read...
CVE-2010-1689 1 Microsoft 6 Windows 2003 Server, Windows Server 2008, Windows Xp and 3 more 2019-02-26 6.4
The DNS implementation in smtpsvc.dll before 6.0.2600.5949 in Microsoft Windows 2000 SP4 and earlier, Windows XP SP3 and earlier, Windows Server 2003 SP2 and earlier, Windows Server 2008 SP2 and earlier, Windows Server 2008 R2, Exchange Server...
CVE-2010-0024 1 Microsoft 6 Windows 2003 Server, Windows Server 2008, Windows Xp and 3 more 2019-02-26 5.0
The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Server 2008 Gold, SP2, and R2, and Exchange Server 2003 SP2, does not properly parse MX records, which allows remote DNS servers to cause a denial of service...
CVE-2010-1690 1 Microsoft 6 Windows 2003 Server, Windows Server 2008, Windows Xp and 3 more 2019-02-26 6.4
The DNS implementation in smtpsvc.dll before 6.0.2600.5949 in Microsoft Windows 2000 SP4 and earlier, Windows XP SP3 and earlier, Windows Server 2003 SP2 and earlier, Windows Server 2008 SP2 and earlier, Windows Server 2008 R2, Exchange Server...
CVE-2019-0588 1 Microsoft 1 Exchange Server 2019-01-15 4.0
An information disclosure vulnerability exists when the Microsoft Exchange PowerShell API grants calendar contributors more view permissions than intended, aka "Microsoft Exchange Information Disclosure Vulnerability." This affects Microsoft...
CVE-2019-0586 1 Microsoft 1 Exchange Server 2019-01-15 10.0
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka "Microsoft Exchange Memory Corruption Vulnerability." This affects Microsoft Exchange Server.
CVE-2018-8604 1 Microsoft 1 Exchange Server 2019-01-08 4.0
A tampering vulnerability exists when Microsoft Exchange Server fails to properly handle profile data, aka "Microsoft Exchange Server Tampering Vulnerability." This affects Microsoft Exchange Server.
CVE-2018-8581 1 Microsoft 1 Exchange Server 2018-12-17 5.8
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.
CVE-2018-8448 1 Microsoft 1 Exchange Server 2018-11-27 5.8
An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.