Microsoft

Exchange Server

223 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.4

CVE-2016-3378

  • EPSS 3.12%
  • Veröffentlicht 14.09.2016 10:59:52
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Open redirect vulnerability in Microsoft Exchange Server 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 allows remote attackers to redirect users to arbitrary web sites and condu...

4.3

CVE-2016-0138

  • EPSS 13.99%
  • Veröffentlicht 14.09.2016 10:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Microsoft Exchange Server 2007 SP3, 2010 SP3, 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 misparses e-mail messages, which allows remote authenticated users to obtain sensitiv...

6.1

CVE-2016-0032

  • EPSS 1.47%
  • Veröffentlicht 13.01.2016 05:59:21
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 PS1, 2013 Cumulative Update 10, 2013 Cumulative Update 11, and 2016 allows remote attackers to inject arbitrary web script or HTML via a crafted UR...

6.1

CVE-2016-0031

  • EPSS 1.47%
  • Veröffentlicht 13.01.2016 05:59:20
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2016 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Exchange Spoofing Vulnerability," a different vulnerability ...

6.1

CVE-2016-0030

  • EPSS 1.47%
  • Veröffentlicht 13.01.2016 05:59:19
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 PS1, 2013 Cumulative Update 10, and 2016 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Exchange Spoofing V...

6.1

CVE-2016-0029

  • EPSS 1.47%
  • Veröffentlicht 13.01.2016 05:59:18
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2016 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Exchange Spoofing Vulnerability," a different vulnerability ...

4.3

CVE-2015-2544

  • EPSS 8.12%
  • Veröffentlicht 09.09.2015 00:59:51
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 Cumulative Update 8 and 9 and SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, aka "Exchange Spoofi...

4.3

CVE-2015-2543

  • EPSS 8.12%
  • Veröffentlicht 09.09.2015 00:59:50
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 Cumulative Update 8 and 9 allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, aka "Exchange Spoofing Vulne...

5

CVE-2015-2505

  • EPSS 16.46%
  • Veröffentlicht 09.09.2015 00:59:18
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Outlook Web Access (OWA) in Microsoft Exchange Server 2013 Cumulative Update 8 and 9 and SP1 allows remote attackers to obtain sensitive stacktrace information via a crafted request, aka "Exchange Information Disclosure Vulnerability."

4.3

CVE-2015-2359

  • EPSS 12.15%
  • Veröffentlicht 10.06.2015 01:59:38
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in the web applications in Microsoft Exchange Server 2013 Cumulative Update 8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Exchange HTML Injection Vulnerability....