Export limit exceeded: 362695 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (248 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-2091 1 Microsoft 3 Exchange Server, Internet Explorer, Windows Server 2003 2025-04-11 N/A
Microsoft Outlook Web Access (OWA) 8.2.254.0, when Internet Explorer 7 on Windows Server 2003 is used, does not properly handle the id parameter in a Folder IPF.Note action to the default URI, which might allow remote attackers to obtain sensitive information or conduct cross-site scripting (XSS) attacks via an invalid value.
CVE-2010-3937 1 Microsoft 1 Exchange Server 2025-04-11 N/A
Microsoft Exchange Server 2007 SP2 on the x64 platform allows remote authenticated users to cause a denial of service (infinite loop and MSExchangeIS outage) via a crafted RPC request, aka "Exchange Server Infinite Loop Vulnerability."
CVE-2011-0290 3 Lotus, Microsoft, Rim 3 Domino, Exchange Server, Blackberry Enterprise Server 2025-04-11 N/A
The BlackBerry Collaboration Service in Research In Motion (RIM) BlackBerry Enterprise Server (BES) 5.0.3 through MR4 for Microsoft Exchange and Lotus Domino allows remote authenticated users to log into arbitrary user accounts associated with the same organization, and send messages, read messages, read contact lists, or cause a denial of service (login unavailability), via unspecified vectors.
CVE-2012-2284 2 Emc, Microsoft 2 Networker Module For Microsoft Applications, Exchange Server 2025-04-11 N/A
The (1) install and (2) upgrade processes in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375, when Exchange Server is used, allow local users to read cleartext administrator credentials via unspecified vectors.
CVE-2012-4791 1 Microsoft 1 Exchange Server 2025-04-11 N/A
Microsoft Exchange Server 2007 SP3 and 2010 SP1 and SP2 allows remote authenticated users to cause a denial of service (Information Store service hang) by subscribing to a crafted RSS feed, aka "RSS Feed May Cause Exchange DoS Vulnerability."
CVE-2013-0418 2 Microsoft, Oracle 2 Exchange Server, Fusion Middleware 2025-04-11 N/A
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 and 8.4 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2013-0393. NOTE: the previous information was obtained from the January 2013 CPU. Oracle has not commented on claims from an independent researcher that this is a heap-based buffer overflow in the Paradox database stream filter (vspdx.dll) that can be triggered using a table header with a crafted "number of fields" value.
CVE-2013-5072 1 Microsoft 1 Exchange Server 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Outlook Web Access in Microsoft Exchange Server 2010 SP2 and SP3 and 2013 Cumulative Update 2 and 3 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "OWA XSS Vulnerability."
CVE-2021-31198 1 Microsoft 1 Exchange Server 2025-02-28 7.8 High
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2020-0903 1 Microsoft 1 Exchange Server 2025-02-28 5.4 Medium
A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server, aka 'Microsoft Exchange Server Spoofing Vulnerability'.
CVE-2023-21745 1 Microsoft 1 Exchange Server 2025-02-28 8 High
Microsoft Exchange Server Spoofing Vulnerability
CVE-2023-21762 1 Microsoft 1 Exchange Server 2025-02-28 8 High
Microsoft Exchange Server Spoofing Vulnerability
CVE-2023-21707 1 Microsoft 1 Exchange Server 2025-02-28 8.8 High
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-21710 1 Microsoft 1 Exchange Server 2025-02-28 7.2 High
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-28310 1 Microsoft 1 Exchange Server 2025-02-28 8 High
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-32031 1 Microsoft 1 Exchange Server 2025-02-28 8.8 High
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2021-31209 1 Microsoft 1 Exchange Server 2025-02-28 6.5 Medium
Microsoft Exchange Server Spoofing Vulnerability
CVE-2021-31195 1 Microsoft 1 Exchange Server 2025-02-28 6.5 Medium
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-35368 1 Microsoft 1 Exchange Server 2025-02-27 8.8 High
Microsoft Exchange Remote Code Execution Vulnerability
CVE-2023-38185 1 Microsoft 1 Exchange Server 2025-02-27 8.8 High
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-21709 1 Microsoft 1 Exchange Server 2025-02-27 9.8 Critical
Microsoft Exchange Server Elevation of Privilege Vulnerability