Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-45504 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-45504)
SSRF in ssrf (CVE-2026-45504). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45583 |
|
Code Injection in microsoft (CVE-2026-45583)
code injection in microsoft (CVE-2026-45583). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45501 |
|
Cross-Site Scripting (XSS) in ssrf (CVE-2026-45501)
cross-site scripting in ssrf (CVE-2026-45501). Confidential information can be exposed externally.
|
| CVE-2026-45502 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-45502)
SSRF in ssrf (CVE-2026-45502). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-45500 |
|
Cross-Site Scripting (XSS) in microsoft (CVE-2026-45500)
cross-site scripting in microsoft (CVE-2026-45500). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47631 |
|
Cross-Site Scripting (XSS) in microsoft (CVE-2026-47631)
cross-site scripting in microsoft (CVE-2026-47631). Confidential information can be exposed externally.
|
| CVE-2026-45503 |
|
Vulnerability in ssrf (CVE-2026-45503)
vulnerability in ssrf (CVE-2026-45503). Confidential information can be exposed externally.
|
| CVE-2026-42897 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Microsoft exchange-server (CVE-2026-42897)
cross-site scripting in Microsoft exchange-server (CVE-2026-42897). Confidential information can be exposed externally. Listed in CISA KEV — actively exploited.
|
| CVE-2023-21529 KEV |
|
[KEV] Unsafe Deserialization in Microsoft exchange-server (CVE-2023-21529)
vulnerability in Microsoft exchange-server (CVE-2023-21529). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-21527 |
|
Vulnerability in microsoft (CVE-2026-21527)
vulnerability in microsoft (CVE-2026-21527). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-64667 |
|
Vulnerability in microsoft (CVE-2025-64667)
vulnerability in microsoft (CVE-2025-64667). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-64666 |
|
Vulnerability in microsoft (CVE-2025-64666)
vulnerability in microsoft (CVE-2025-64666). Successful exploitation can lead to full system takeover.
|
| CVE-2025-59249 |
|
Vulnerability in microsoft (CVE-2025-59249)
vulnerability in microsoft (CVE-2025-59249). Successful exploitation can lead to full system takeover.
|
| CVE-2025-59248 |
|
Vulnerability in microsoft (CVE-2025-59248)
vulnerability in microsoft (CVE-2025-59248). Confidential information can be exposed externally.
|
| CVE-2025-53782 |
|
Vulnerability in microsoft (CVE-2025-53782)
vulnerability in microsoft (CVE-2025-53782). Successful exploitation can lead to full system takeover.
|
| CVE-2025-33051 |
|
Information Disclosure in microsoft (CVE-2025-33051)
vulnerability in microsoft (CVE-2025-33051). Confidential information can be exposed externally.
|
| CVE-2025-25007 |
|
Vulnerability in microsoft (CVE-2025-25007)
vulnerability in microsoft (CVE-2025-25007). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-25006 |
|
Vulnerability in microsoft (CVE-2025-25006)
vulnerability in microsoft (CVE-2025-25006). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-25005 |
|
Vulnerability in microsoft (CVE-2025-25005)
vulnerability in microsoft (CVE-2025-25005). Confidential information can be exposed externally.
|
| CVE-2025-53786 |
|
Authentication Bypass in microsoft (CVE-2025-53786)
authentication bypass in microsoft (CVE-2025-53786). Successful exploitation can lead to full system takeover.
|
| CVE-2021-31196 KEV |
|
[KEV] Vulnerability in Microsoft exchange-server (CVE-2021-31196)
vulnerability in Microsoft exchange-server (CVE-2021-31196). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-21410 KEV |
|
[KEV] Authentication Bypass in Microsoft exchange-server (CVE-2024-21410)
authentication bypass in Microsoft exchange-server (CVE-2024-21410). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-41080 KEV |
|
[KEV] Vulnerability in Microsoft exchange-server (CVE-2022-41080)
vulnerability in Microsoft exchange-server (CVE-2022-41080). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-41040 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in Microsoft exchange-server (CVE-2022-41040)
SSRF in Microsoft exchange-server (CVE-2022-41040). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-41082 KEV |
|
[KEV] Unsafe Deserialization in Microsoft exchange-server (CVE-2022-41082)
vulnerability in Microsoft exchange-server (CVE-2022-41082). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-8581 KEV |
|
[KEV] Vulnerability in Microsoft exchange-server (CVE-2018-8581)
vulnerability in Microsoft exchange-server (CVE-2018-8581). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-33766 KEV |
|
[KEV] Authentication Bypass in Microsoft exchange-server (CVE-2021-33766)
authentication bypass in Microsoft exchange-server (CVE-2021-33766). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-34523 KEV |
|
[KEV] Authentication Bypass in Microsoft exchange-server (CVE-2021-34523)
authentication bypass in Microsoft exchange-server (CVE-2021-34523). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-0688 KEV |
|
[KEV] Authentication Bypass in Microsoft exchange-server (CVE-2020-0688)
authentication bypass in Microsoft exchange-server (CVE-2020-0688). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-34473 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in Microsoft exchange-server (CVE-2021-34473)
SSRF in Microsoft exchange-server (CVE-2021-34473). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-31207 KEV |
|
[KEV] Vulnerability in Microsoft exchange-server (CVE-2021-31207)
vulnerability in Microsoft exchange-server (CVE-2021-31207). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-26855 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in Microsoft exchange-server (CVE-2021-26855)
SSRF in Microsoft exchange-server (CVE-2021-26855). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-26858 KEV |
|
[KEV] Vulnerability in Microsoft exchange-server (CVE-2021-26858)
vulnerability in Microsoft exchange-server (CVE-2021-26858). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-27065 KEV |
|
[KEV] Vulnerability in Microsoft exchange-server (CVE-2021-27065)
vulnerability in Microsoft exchange-server (CVE-2021-27065). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-26857 KEV |
|
[KEV] Unsafe Deserialization in Microsoft exchange-server (CVE-2021-26857)
vulnerability in Microsoft exchange-server (CVE-2021-26857). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-17144 KEV |
|
[KEV] Unsafe Deserialization in Microsoft exchange-server (CVE-2020-17144)
vulnerability in Microsoft exchange-server (CVE-2020-17144). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-11932 |
|
Vulnerability in microsoft (CVE-2017-11932)
vulnerability in microsoft (CVE-2017-11932). Confidential information can be exposed externally.
|
| CVE-2017-11940 |
|
Buffer Overflow in microsoft (CVE-2017-11940)
vulnerability in microsoft (CVE-2017-11940). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11937 |
|
Buffer Overflow in microsoft (CVE-2017-11937)
vulnerability in microsoft (CVE-2017-11937). Successful exploitation can lead to full system takeover.
|
| CVE-2017-8758 |
|
Cross-Site Scripting (XSS) in microsoft (CVE-2017-8758)
cross-site scripting in microsoft (CVE-2017-8758). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11761 |
|
Information Disclosure in microsoft (CVE-2017-11761)
vulnerability in microsoft (CVE-2017-11761). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-8621 |
|
Open Redirect in microsoft (CVE-2017-8621)
vulnerability in microsoft (CVE-2017-8621). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-8560 |
|
Cross-Site Scripting (XSS) in microsoft (CVE-2017-8560)
cross-site scripting in microsoft (CVE-2017-8560). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-8559 |
|
Cross-Site Scripting (XSS) in microsoft (CVE-2017-8559)
cross-site scripting in microsoft (CVE-2017-8559). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-8539 |
|
Buffer Overflow in dos (CVE-2017-8539)
vulnerability in dos (CVE-2017-8539). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-8535 |
|
Buffer Overflow in dos (CVE-2017-8535)
vulnerability in dos (CVE-2017-8535). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-8536 |
|
Buffer Overflow in dos (CVE-2017-8536)
vulnerability in dos (CVE-2017-8536). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-8537 |
|
Buffer Overflow in dos (CVE-2017-8537)
vulnerability in dos (CVE-2017-8537). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-8542 |
|
Buffer Overflow in dos (CVE-2017-8542)
vulnerability in dos (CVE-2017-8542). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-8541 |
|
Buffer Overflow in microsoft (CVE-2017-8541)
vulnerability in microsoft (CVE-2017-8541). Successful exploitation can lead to full system takeover.
|