Export limit exceeded: 366890 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (252 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-1043 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) malformed NNTP data, or (2) malformed SMTP data, which allows remote attackers to cause a denial of service (application error). | ||||
| CVE-2002-0698 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| Buffer overflow in Internet Mail Connector (IMC) for Microsoft Exchange Server 5.5 allows remote attackers to execute arbitrary code via an EHLO request from a system with a long name as obtained through a reverse DNS lookup, which triggers the overflow in IMC's hello response. | ||||
| CVE-2002-0507 | 2 Microsoft, Rsa | 2 Exchange Server, Securid | 2026-04-16 | N/A |
| An interaction between Microsoft Outlook Web Access (OWA) with RSA SecurID allows local users to bypass the SecurID authentication for a previous user via several submissions of an OWA Authentication request with the proper OWA password for the previous user, which is eventually accepted by OWA. | ||||
| CVE-2001-0146 | 1 Microsoft | 2 Exchange Server, Internet Information Services | 2026-04-16 | N/A |
| IIS 5.0 and Microsoft Exchange 2000 allow remote attackers to cause a denial of service (memory allocation error) by repeatedly sending a series of specially formatted URL's. | ||||
| CVE-2002-0368 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| The Store Service in Microsoft Exchange 2000 allows remote attackers to cause a denial of service (CPU consumption) via a mail message with a malformed RFC message attribute, aka "Malformed Mail Attribute can Cause Exchange 2000 to Exhaust CPU Resources." | ||||
| CVE-2002-0055 | 1 Microsoft | 3 Exchange Server, Windows 2000, Windows Xp | 2026-04-16 | N/A |
| SMTP service in Microsoft Windows 2000, Windows XP Professional, and Exchange 2000 allows remote attackers to cause a denial of service via a command with a malformed data transfer (BDAT) request. | ||||
| CVE-2000-1139 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| The installation of Microsoft Exchange 2000 before Rev. A creates a user account with a known password, which could allow attackers to gain privileges, aka the "Exchange User Account" vulnerability. | ||||
| CVE-1999-0993 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| Modifications to ACLs (Access Control Lists) in Microsoft Exchange 5.5 do not take effect until the directory store cache is refreshed. | ||||
| CVE-2002-0054 | 1 Microsoft | 2 Exchange Server, Windows 2000 | 2026-04-16 | N/A |
| SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange Server 5.5 does not properly handle responses to NTLM authentication, which allows remote attackers to perform mail relaying via an SMTP AUTH command using null session credentials. | ||||
| CVE-2006-1193 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2000 SP1 through SP3, when running Outlook Web Access (OWA), allows user-assisted remote attackers to inject arbitrary HTML or web script via unknown vectors related to "HTML parsing." | ||||
| CVE-2006-0027 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| Unspecified vulnerability in Microsoft Exchange allows remote attackers to execute arbitrary code via e-mail messages with crafted (1) vCal or (2) iCal Calendar properties. | ||||
| CVE-2002-0049 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| Microsoft Exchange Server 2000 System Attendant gives "Everyone" group privileges to the WinReg key, which could allow remote attackers to read or modify registry keys. | ||||
| CVE-2000-1006 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| Microsoft Exchange Server 5.5 does not properly handle a MIME header with a blank charset specified, which allows remote attackers to cause a denial of service via a charset="" command, aka the "Malformed MIME Header" vulnerability. | ||||
| CVE-2006-0002 | 1 Microsoft | 3 Exchange Server, Office, Outlook | 2026-04-16 | N/A |
| Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP4, Exchange 2000 SP3, and Office allows remote attackers to execute arbitrary code via an e-mail message with a crafted Transport Neutral Encapsulation Format (TNEF) MIME attachment, related to message length validation. | ||||
| CVE-2005-1987 | 1 Microsoft | 4 Exchange Server, Windows 2000, Windows Server 2003 and 1 more | 2026-04-16 | N/A |
| Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string. | ||||
| CVE-2001-1319 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| Microsoft Exchange 5.5 2000 allows remote attackers to cause a denial of service (hang) via exceptional BER encodings for the LDAP filter type field, as demonstrated by the PROTOS LDAPv3 test suite. | ||||
| CVE-2002-1873 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| Microsoft Exchange 2000, when used with Microsoft Remote Procedure Call (MSRPC), allows remote attackers to cause a denial of service (crash or memory consumption) via malformed MSRPC calls. | ||||
| CVE-1999-0385 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands. | ||||
| CVE-2005-0738 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| Stack consumption vulnerability in Microsoft Exchange Server 2003 SP1 allows users to cause a denial of service (hang) by deleting or moving a folder with deeply nested subfolders, which causes Microsoft Exchange Information Store service (Store.exe) to hang as a result of a large number of recursive calls. | ||||
| CVE-2005-0563 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Microsoft Outlook Web Access (OWA) component in Exchange Server 5.5 allows remote attackers to inject arbitrary web script or HTML via an email message with an encoded javascript: URL ("javAsc
ript:") in an IMG tag. | ||||