Search
Search Results (24 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-21527 | 1 Microsoft | 9 Exchange Server, Exchange Server 2016, Exchange Server 2019 and 6 more | 2026-06-15 | 6.5 Medium |
| User interface (ui) misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2026-45500 | 1 Microsoft | 7 Exchange Server 2016, Exchange Server 2019, Exchange Server Se and 4 more | 2026-06-10 | 6.1 Medium |
| Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2026-45583 | 1 Microsoft | 3 Exchange Server 2016, Exchange Server 2019, Exchange Server Se | 2026-06-10 | 7.5 High |
| Improper control of generation of code ('code injection') in Microsoft Exchange Server allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-58107 | 1 Microsoft | 4 Exchange, Exchange Server, Exchange Server 2016 and 1 more | 2026-03-03 | 7.5 High |
| In Microsoft Exchange through 2019, Exchange ActiveSync (EAS) configurations on on-premises servers may transmit sensitive data from Samsung mobile devices in cleartext, including the user's name, e-mail address, device ID, bearer token, and base64-encoded password. | ||||