Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: exchange-server Clear
ID Title
CVE-2026-45504 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-45504)
SSRF in ssrf (CVE-2026-45504). Successful exploitation can lead to full system takeover.
CVE-2026-45583 Code Injection in microsoft (CVE-2026-45583)
code injection in microsoft (CVE-2026-45583). Successful exploitation can lead to full system takeover.
CVE-2026-45501 Cross-Site Scripting (XSS) in ssrf (CVE-2026-45501)
cross-site scripting in ssrf (CVE-2026-45501). Confidential information can be exposed externally.
CVE-2026-45502 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-45502)
SSRF in ssrf (CVE-2026-45502). Risk of unauthorized operations or information disclosure.
CVE-2026-45500 Cross-Site Scripting (XSS) in microsoft (CVE-2026-45500)
cross-site scripting in microsoft (CVE-2026-45500). Risk of unauthorized operations or information disclosure.
CVE-2026-47631 Cross-Site Scripting (XSS) in microsoft (CVE-2026-47631)
cross-site scripting in microsoft (CVE-2026-47631). Confidential information can be exposed externally.
CVE-2026-45503 Vulnerability in ssrf (CVE-2026-45503)
vulnerability in ssrf (CVE-2026-45503). Confidential information can be exposed externally.
CVE-2026-42897 KEV [KEV] Cross-Site Scripting (XSS) in Microsoft exchange-server (CVE-2026-42897)
cross-site scripting in Microsoft exchange-server (CVE-2026-42897). Confidential information can be exposed externally. Listed in CISA KEV — actively exploited.
CVE-2023-21529 KEV [KEV] Unsafe Deserialization in Microsoft exchange-server (CVE-2023-21529)
vulnerability in Microsoft exchange-server (CVE-2023-21529). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-21527 Vulnerability in microsoft (CVE-2026-21527)
vulnerability in microsoft (CVE-2026-21527). Risk of unauthorized operations or information disclosure.
CVE-2025-64667 Vulnerability in microsoft (CVE-2025-64667)
vulnerability in microsoft (CVE-2025-64667). Risk of unauthorized operations or information disclosure.
CVE-2025-64666 Vulnerability in microsoft (CVE-2025-64666)
vulnerability in microsoft (CVE-2025-64666). Successful exploitation can lead to full system takeover.
CVE-2025-59249 Vulnerability in microsoft (CVE-2025-59249)
vulnerability in microsoft (CVE-2025-59249). Successful exploitation can lead to full system takeover.
CVE-2025-59248 Vulnerability in microsoft (CVE-2025-59248)
vulnerability in microsoft (CVE-2025-59248). Confidential information can be exposed externally.
CVE-2025-53782 Vulnerability in microsoft (CVE-2025-53782)
vulnerability in microsoft (CVE-2025-53782). Successful exploitation can lead to full system takeover.
CVE-2025-33051 Information Disclosure in microsoft (CVE-2025-33051)
vulnerability in microsoft (CVE-2025-33051). Confidential information can be exposed externally.
CVE-2025-25007 Vulnerability in microsoft (CVE-2025-25007)
vulnerability in microsoft (CVE-2025-25007). Risk of unauthorized operations or information disclosure.
CVE-2025-25006 Vulnerability in microsoft (CVE-2025-25006)
vulnerability in microsoft (CVE-2025-25006). Risk of unauthorized operations or information disclosure.
CVE-2025-25005 Vulnerability in microsoft (CVE-2025-25005)
vulnerability in microsoft (CVE-2025-25005). Confidential information can be exposed externally.
CVE-2025-53786 Authentication Bypass in microsoft (CVE-2025-53786)
authentication bypass in microsoft (CVE-2025-53786). Successful exploitation can lead to full system takeover.
CVE-2021-31196 KEV [KEV] Vulnerability in Microsoft exchange-server (CVE-2021-31196)
vulnerability in Microsoft exchange-server (CVE-2021-31196). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-21410 KEV [KEV] Authentication Bypass in Microsoft exchange-server (CVE-2024-21410)
authentication bypass in Microsoft exchange-server (CVE-2024-21410). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-41080 KEV [KEV] Vulnerability in Microsoft exchange-server (CVE-2022-41080)
vulnerability in Microsoft exchange-server (CVE-2022-41080). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-41040 KEV [KEV] SSRF (Server-Side Request Forgery) in Microsoft exchange-server (CVE-2022-41040)
SSRF in Microsoft exchange-server (CVE-2022-41040). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-41082 KEV [KEV] Unsafe Deserialization in Microsoft exchange-server (CVE-2022-41082)
vulnerability in Microsoft exchange-server (CVE-2022-41082). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2018-8581 KEV [KEV] Vulnerability in Microsoft exchange-server (CVE-2018-8581)
vulnerability in Microsoft exchange-server (CVE-2018-8581). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-33766 KEV [KEV] Authentication Bypass in Microsoft exchange-server (CVE-2021-33766)
authentication bypass in Microsoft exchange-server (CVE-2021-33766). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-34523 KEV [KEV] Authentication Bypass in Microsoft exchange-server (CVE-2021-34523)
authentication bypass in Microsoft exchange-server (CVE-2021-34523). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-0688 KEV [KEV] Authentication Bypass in Microsoft exchange-server (CVE-2020-0688)
authentication bypass in Microsoft exchange-server (CVE-2020-0688). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-34473 KEV [KEV] SSRF (Server-Side Request Forgery) in Microsoft exchange-server (CVE-2021-34473)
SSRF in Microsoft exchange-server (CVE-2021-34473). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-31207 KEV [KEV] Vulnerability in Microsoft exchange-server (CVE-2021-31207)
vulnerability in Microsoft exchange-server (CVE-2021-31207). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-26855 KEV [KEV] SSRF (Server-Side Request Forgery) in Microsoft exchange-server (CVE-2021-26855)
SSRF in Microsoft exchange-server (CVE-2021-26855). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-26858 KEV [KEV] Vulnerability in Microsoft exchange-server (CVE-2021-26858)
vulnerability in Microsoft exchange-server (CVE-2021-26858). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-27065 KEV [KEV] Vulnerability in Microsoft exchange-server (CVE-2021-27065)
vulnerability in Microsoft exchange-server (CVE-2021-27065). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-26857 KEV [KEV] Unsafe Deserialization in Microsoft exchange-server (CVE-2021-26857)
vulnerability in Microsoft exchange-server (CVE-2021-26857). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-17144 KEV [KEV] Unsafe Deserialization in Microsoft exchange-server (CVE-2020-17144)
vulnerability in Microsoft exchange-server (CVE-2020-17144). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2017-11932 Vulnerability in microsoft (CVE-2017-11932)
vulnerability in microsoft (CVE-2017-11932). Confidential information can be exposed externally.
CVE-2017-11940 Buffer Overflow in microsoft (CVE-2017-11940)
vulnerability in microsoft (CVE-2017-11940). Successful exploitation can lead to full system takeover.
CVE-2017-11937 Buffer Overflow in microsoft (CVE-2017-11937)
vulnerability in microsoft (CVE-2017-11937). Successful exploitation can lead to full system takeover.
CVE-2017-8758 Cross-Site Scripting (XSS) in microsoft (CVE-2017-8758)
cross-site scripting in microsoft (CVE-2017-8758). Risk of unauthorized operations or information disclosure.
CVE-2017-11761 Information Disclosure in microsoft (CVE-2017-11761)
vulnerability in microsoft (CVE-2017-11761). Risk of unauthorized operations or information disclosure.
CVE-2017-8621 Open Redirect in microsoft (CVE-2017-8621)
vulnerability in microsoft (CVE-2017-8621). Risk of unauthorized operations or information disclosure.
CVE-2017-8560 Cross-Site Scripting (XSS) in microsoft (CVE-2017-8560)
cross-site scripting in microsoft (CVE-2017-8560). Risk of unauthorized operations or information disclosure.
CVE-2017-8559 Cross-Site Scripting (XSS) in microsoft (CVE-2017-8559)
cross-site scripting in microsoft (CVE-2017-8559). Risk of unauthorized operations or information disclosure.
CVE-2017-8539 Buffer Overflow in dos (CVE-2017-8539)
vulnerability in dos (CVE-2017-8539). Risk of unauthorized operations or information disclosure.
CVE-2017-8535 Buffer Overflow in dos (CVE-2017-8535)
vulnerability in dos (CVE-2017-8535). Risk of unauthorized operations or information disclosure.
CVE-2017-8536 Buffer Overflow in dos (CVE-2017-8536)
vulnerability in dos (CVE-2017-8536). Risk of unauthorized operations or information disclosure.
CVE-2017-8537 Buffer Overflow in dos (CVE-2017-8537)
vulnerability in dos (CVE-2017-8537). Risk of unauthorized operations or information disclosure.
CVE-2017-8542 Buffer Overflow in dos (CVE-2017-8542)
vulnerability in dos (CVE-2017-8542). Risk of unauthorized operations or information disclosure.
CVE-2017-8541 Buffer Overflow in microsoft (CVE-2017-8541)
vulnerability in microsoft (CVE-2017-8541). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →