cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2019-1084,https://securityvulnerability.io/vulnerability/CVE-2019-1084,,"An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to conversations, remain invisible. This security update addresses the issue by validating display names upon creation in Microsoft Exchange, and by rendering invalid display names correctly in Microsoft Outlook clients., aka 'Microsoft Exchange Information Disclosure Vulnerability'.",Microsoft,"Microsoft Exchange Server,Microsoft Outlook,Microsoft Office,Microsoft Lync,Microsoft Lync Basic,Microsoft Outlook For Android,Skype For Business,Skype For Business Basic,Office 365 Proplus,Microsoft Exchange Server 2016,Microsoft Exchange Server 2019,Microsoft Exchange Server 2013,Mail And Calendar,Outlook For iOS",6.5,MEDIUM,0.0025100000202655792,false,false,false,false,,false,false,2019-07-15T18:56:21.000Z,0
CVE-2018-8305,https://securityvulnerability.io/vulnerability/CVE-2018-8305,,"An information disclosure vulnerability exists in Windows Mail Client when a message is opened, aka ""Windows Mail Client Information Disclosure Vulnerability."" This affects Mail, Calendar, and People in Windows 8.1 App Store.",Microsoft,"Mail, Calendar, And People In Windows 8.1 App Store",6.5,MEDIUM,0.01592000015079975,false,false,false,false,,false,false,2018-07-11T00:00:00.000Z,0
CVE-2017-17688,https://securityvulnerability.io/vulnerability/CVE-2017-17688,,"The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code (MDC) feature or accept an obsolete packet type, not a problem in the OpenPGP specification",Microsoft,"Outlook,Horde Imp,Maildroid,R2mail2,Mail,Airmail,Mailmate,Thunderbird,Emclient,Postbox,Webmail",5.9,MEDIUM,0.0052200001664459705,false,false,false,false,,false,false,2018-05-16T19:00:00.000Z,0
CVE-2017-17689,https://securityvulnerability.io/vulnerability/CVE-2017-17689,,"The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.",Microsoft,"Outlook,Horde Imp,Gmail,Nine,Maildroid,R2mail2,Mail,Airmail,Mailmate,Kmail,Trojita,Evolution,Thunderbird,Notes,Emclient,Postbox,The Bat",5.9,MEDIUM,0.0016799999866634607,false,false,false,false,,false,false,2018-05-16T19:00:00.000Z,0
CVE-2013-1299,https://securityvulnerability.io/vulnerability/CVE-2013-1299,,Microsoft Windows Modern Mail allows remote attackers to spoof link targets via a crafted HTML e-mail message.,Microsoft,Modern Mail,,,0.0073899999260902405,false,false,false,false,,false,false,2013-03-29T16:09:00.000Z,0
CVE-2008-1448,https://securityvulnerability.io/vulnerability/CVE-2008-1448,,"The MHTML protocol handler in a component of Microsoft Outlook Express 5.5 SP2 and 6 through SP1, and Windows Mail, does not assign the correct Internet Explorer Security Zone to UNC share pathnames, which allows remote attackers to bypass intended access restrictions and read arbitrary files via an mhtml: URI in conjunction with a redirection, aka ""URL Parsing Cross-Domain Information Disclosure Vulnerability.""",Microsoft,"Outlook Express,Windows Mail",,,0.5492500066757202,false,false,false,false,,false,false,2008-08-13T00:00:00.000Z,0
CVE-2008-3068,https://securityvulnerability.io/vulnerability/CVE-2008-3068,,"Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) signed document, which allows remote attackers to obtain reading times and IP addresses of recipients, and port-scan results, via a crafted certificate with an Authority Information Access (AIA) extension.",Microsoft,"Frontpage,Sharepoint Designer,Office Communicator,Access,Visio Professional,Outlook,Project Standard,Powerpoint,Infopath,Visio Standard,Windows Live Mail,Publisher,Onenote,Excel,Project Professional,Office,Groove",,,0.05584000051021576,false,false,false,false,,false,false,2008-07-07T23:41:00.000Z,0
CVE-2007-3897,https://securityvulnerability.io/vulnerability/CVE-2007-3897,,"Heap-based buffer overflow in Microsoft Outlook Express 6 and earlier, and Windows Mail for Vista, allows remote Network News Transfer Protocol (NNTP) servers to execute arbitrary code via long NNTP responses that trigger memory corruption.",Microsoft,"Outlook Express,Windows Mail",,,0.9571400284767151,false,false,false,false,,false,false,2007-10-09T22:00:00.000Z,0