cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-49040,https://securityvulnerability.io/vulnerability/CVE-2024-49040,Microsoft Exchange Server Spoofing Vulnerability,"This vulnerability in Microsoft Exchange Server allows attackers to exploit the email system through spoofing techniques. By manipulating the perception of sender authenticity, unauthorized users can send malicious email communications that appear trustworthy. This compromises the integrity of email transactions and poses a threat to organizational security. Companies utilizing affected versions of Microsoft Exchange are urged to implement necessary patches and updates to safeguard against potential attacks.",Microsoft,"Microsoft Exchange Server 2019 Cumulative Update 13,Microsoft Exchange Server 2019 Cumulative Update 14,Microsoft Exchange Server 2016 Cumulative Update 23",7.5,HIGH,0.0007300000288523734,false,,true,false,true,2024-11-12T21:45:53.000Z,,false,false,,2024-11-12T18:15:00.000Z,0
CVE-2024-26198,https://securityvulnerability.io/vulnerability/CVE-2024-26198,Remote Code Execution Vulnerability Affects Microsoft Exchange Server,"The vulnerability in Microsoft Exchange Server allows attackers to execute arbitrary code with elevated privileges. This results from improper input validation, enabling unauthorized actions on the affected system. Attackers could exploit this flaw through specially crafted requests, posing significant risks to data integrity and security. Organizations using vulnerable versions of Exchange Server should prioritize applying the necessary security updates to mitigate potential exploits.",Microsoft,"Microsoft Exchange Server 2019 Cumulative Update 14,Microsoft Exchange Server 2019 Cumulative Update 13,Microsoft Exchange Server 2016 Cumulative Update 23",8.8,HIGH,0.0020600000862032175,false,,true,false,true,2024-04-04T01:57:49.000Z,true,false,false,,2024-03-12T16:57:53.504Z,0
CVE-2024-21410,https://securityvulnerability.io/vulnerability/CVE-2024-21410,Elevation of Privilege Vulnerability Affects Microsoft Exchange Server,"A vulnerability has been identified in Microsoft Exchange Server that allows an attacker with specific conditions to elevate their privileges. This could lead to unauthorized actions and access to sensitive data within the Exchange environment. Organizations using affected versions of Exchange Server, particularly those relying on email services, are advised to assess their security measures and implement necessary countermeasures to safeguard their systems and data. For additional information and remediation steps, refer to the vendor's advisory.",Microsoft,"Microsoft Exchange Server 2016 Cumulative Update 23,Microsoft Exchange Server 2019 Cumulative Update 13,Microsoft Exchange Server 2019 Cumulative Update 14",9.8,CRITICAL,0.03415999934077263,true,2024-02-15T00:00:00.000Z,true,false,true,2024-02-15T00:00:00.000Z,true,true,false,,2024-02-13T18:02:48.590Z,9879
CVE-2023-36039,https://securityvulnerability.io/vulnerability/CVE-2023-36039,Microsoft Exchange Server Spoofing Vulnerability,"The spoofing vulnerability in Microsoft Exchange Server allows attackers to send emails that appear to come from legitimate sources, potentially leading to unauthorized access and exploitation of sensitive information. By leveraging this vulnerability, malicious actors can impersonate trusted users, circumvent email security measures, and compromise the integrity of communications within an organization.",Microsoft,"Microsoft Exchange Server 2016 Cumulative Update 23,Microsoft Exchange Server 2019 Cumulative Update 12,Microsoft Exchange Server 2019 Cumulative Update 13",8,HIGH,0.0007999999797903001,false,,false,false,false,,,false,false,,2023-11-14T18:15:00.000Z,0
CVE-2023-36050,https://securityvulnerability.io/vulnerability/CVE-2023-36050,Microsoft Exchange Server Spoofing Vulnerability,"The susceptibility in Microsoft Exchange Server allows attackers to exploit spoofing techniques, potentially leading to unauthorized access and manipulation of email communications. These vulnerabilities could enable malicious actors to impersonate legitimate users, raising significant security risks for organizations relying on this email server. Addressing this flaw is crucial for maintaining the integrity and confidentiality of organizational communications.",Microsoft,"Microsoft Exchange Server 2019 Cumulative Update 12,Microsoft Exchange Server 2016 Cumulative Update 23,Microsoft Exchange Server 2019 Cumulative Update 13",8,HIGH,0.0007999999797903001,false,,false,false,false,,,false,false,,2023-11-14T18:15:00.000Z,0
CVE-2023-36439,https://securityvulnerability.io/vulnerability/CVE-2023-36439,Microsoft Exchange Server Remote Code Execution Vulnerability,"A significant security vulnerability in Microsoft Exchange Server permits an attacker to execute arbitrary commands on the server. This flaw exploits inadequate input validation, allowing unauthorized actions that can compromise the integrity and confidentiality of the system. IT administrators must apply updated security patches to mitigate the associated risks and protect organizational data.",Microsoft,"Microsoft Exchange Server 2016 Cumulative Update 23,Microsoft Exchange Server 2019 Cumulative Update 13,Microsoft Exchange Server 2019 Cumulative Update 12",8,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2023-11-14T18:15:00.000Z,0
CVE-2023-36035,https://securityvulnerability.io/vulnerability/CVE-2023-36035,Microsoft Exchange Server Spoofing Vulnerability,"A spoofing vulnerability in Microsoft Exchange Server enables attackers to impersonate legitimate users, potentially leading to unauthorized access and manipulation of sensitive information. This vulnerability could be exploited without user interaction, making timely updates and patches crucial for maintaining secure communications within organizations. For more details and remediation steps, please refer to the official Microsoft advisory.",Microsoft,"Microsoft Exchange Server 2016 Cumulative Update 23,Microsoft Exchange Server 2019 Cumulative Update 12,Microsoft Exchange Server 2019 Cumulative Update 13",8,HIGH,0.0007999999797903001,false,,false,false,false,,,false,false,,2023-11-14T18:15:00.000Z,0
CVE-2023-36778,https://securityvulnerability.io/vulnerability/CVE-2023-36778,Microsoft Exchange Server Remote Code Execution Vulnerability,"This vulnerability in Microsoft Exchange Server allows an attacker to execute arbitrary code remotely. If exploited, it can lead to significant security breaches, compromising sensitive data and the integrity of the affected system. Administrators should apply available security patches to mitigate the risks associated with this vulnerability.",Microsoft,"Microsoft Exchange Server 2019 Cumulative Update 13,Microsoft Exchange Server 2019 Cumulative Update 12,Microsoft Exchange Server 2016 Cumulative Update 23",8,HIGH,0.002240000059828162,false,,false,false,false,,,false,false,,2023-10-10T18:15:00.000Z,0
CVE-2023-36757,https://securityvulnerability.io/vulnerability/CVE-2023-36757,Microsoft Exchange Server Spoofing Vulnerability,"A spoofing vulnerability exists in Microsoft Exchange Server. This flaw allows an attacker to impersonate another user, potentially leading to unauthorized access to email accounts and sensitive information. Organizations that rely on Microsoft Exchange Server for their communications should prioritize implementing security measures to mitigate the risks associated with this vulnerability. For more information and remediation guidance, refer to the official advisory from Microsoft.",Microsoft,"Microsoft Exchange Server 2016 Cumulative Update 23,Microsoft Exchange Server 2019 Cumulative Update 12,Microsoft Exchange Server 2019 Cumulative Update 13",8,HIGH,0.19179999828338623,false,,false,false,false,,,false,false,,2023-09-12T17:15:00.000Z,0
CVE-2023-36744,https://securityvulnerability.io/vulnerability/CVE-2023-36744,Microsoft Exchange Server Remote Code Execution Vulnerability,"This vulnerability in Microsoft Exchange Server allows an attacker to remotely execute arbitrary code on the server. By exploiting this flaw, an attacker can gain control over the server, potentially leading to data breaches and system compromise. It is crucial for organizations using affected versions to assess their security posture and apply necessary patches to mitigate risks associated with this vulnerability.",Microsoft,"Microsoft Exchange Server 2019 Cumulative Update 12,Microsoft Exchange Server 2016 Cumulative Update 23,Microsoft Exchange Server 2019 Cumulative Update 13",8,HIGH,0.0008800000068731606,false,,false,false,false,,,false,false,,2023-09-12T17:15:00.000Z,0
CVE-2023-36756,https://securityvulnerability.io/vulnerability/CVE-2023-36756,Microsoft Exchange Server Remote Code Execution Vulnerability,"A remote code execution vulnerability in Microsoft Exchange Server allows an attacker to execute arbitrary code on the server. This occurs when the server processes maliciously crafted requests. Successful exploitation may lead to the attacker gaining control over the affected system, potentially compromising sensitive data and operational integrity. It is essential for organizations using Exchange Server to apply security patches and monitor for unusual activities to mitigate risks.",Microsoft,"Microsoft Exchange Server 2016 Cumulative Update 23,Microsoft Exchange Server 2019 Cumulative Update 13,Microsoft Exchange Server 2019 Cumulative Update 12",8,HIGH,0.0008800000068731606,false,,false,false,false,,,false,false,,2023-09-12T17:15:00.000Z,0
CVE-2023-36745,https://securityvulnerability.io/vulnerability/CVE-2023-36745,Microsoft Exchange Server Remote Code Execution Vulnerability,"A remote code execution vulnerability exists in Microsoft Exchange Server, allowing an attacker to execute arbitrary code on the affected server. This can lead to unauthorized access and potential system compromise. It is essential for users to apply the latest security updates to mitigate this vulnerability. For detailed information, refer to the vendor's advisory.",Microsoft,"Microsoft Exchange Server 2019 Cumulative Update 13,Microsoft Exchange Server 2019 Cumulative Update 12,Microsoft Exchange Server 2016 Cumulative Update 23",8,HIGH,0.0017000000225380063,false,,false,false,true,2023-10-23T19:06:36.000Z,true,false,false,,2023-09-12T17:15:00.000Z,0
CVE-2023-36777,https://securityvulnerability.io/vulnerability/CVE-2023-36777,Microsoft Exchange Server Information Disclosure Vulnerability,Microsoft Exchange Server Information Disclosure Vulnerability,Microsoft,"Microsoft Exchange Server 2019 Cumulative Update 12,Microsoft Exchange Server 2016 Cumulative Update 23,Microsoft Exchange Server 2019 Cumulative Update 13",5.7,MEDIUM,0.002240000059828162,false,,false,false,false,,,false,false,,2023-09-12T17:15:00.000Z,0
CVE-2023-38182,https://securityvulnerability.io/vulnerability/CVE-2023-38182,Microsoft Exchange Server Remote Code Execution Vulnerability,"This vulnerability in Microsoft Exchange Server allows an attacker to execute arbitrary code on the affected server. By exploiting this flaw, unauthorized users could gain elevated access and control over system resources. Organizations using Microsoft Exchange Server 2016 and 2019 need to apply the necessary patches to mitigate the risks posed by this vulnerability and protect their infrastructure.",Microsoft,"Microsoft Exchange Server 2019 Cumulative Update 13,Microsoft Exchange Server 2016 Cumulative Update 23,Microsoft Exchange Server 2019 Cumulative Update 12",8,HIGH,0.0020099999383091927,false,,false,false,false,,,false,false,,2023-08-08T18:15:00.000Z,0
CVE-2023-38181,https://securityvulnerability.io/vulnerability/CVE-2023-38181,Microsoft Exchange Server Spoofing Vulnerability,"This vulnerability in Microsoft Exchange Server allows for potential spoofing attacks, where an attacker could impersonate another user within the email system. By exploiting this weakness, unauthorized individuals may send malicious emails that appear to be from trusted sources, posing significant risks to organizational security. Organizations utilizing affected versions of Exchange Server are advised to apply the latest security updates to mitigate these risks effectively.",Microsoft,"Microsoft Exchange Server 2019 Cumulative Update 12,Microsoft Exchange Server 2016 Cumulative Update 23,Microsoft Exchange Server 2019 Cumulative Update 13",8.8,HIGH,0.19179999828338623,false,,false,false,false,,,false,false,,2023-08-08T18:15:00.000Z,0
CVE-2023-38185,https://securityvulnerability.io/vulnerability/CVE-2023-38185,Microsoft Exchange Server Remote Code Execution Vulnerability,"A Remote Code Execution vulnerability exists in Microsoft Exchange Server, allowing attackers to execute arbitrary code on the affected system. This vulnerability can be exploited when an attacker sends specially crafted requests to an affected Exchange server, potentially allowing them to gain unauthorized control over the server. It is crucial for organizations to apply the necessary security updates to mitigate the risks associated with this vulnerability.",Microsoft,"Microsoft Exchange Server 2019 Cumulative Update 13,Microsoft Exchange Server 2019 Cumulative Update 12,Microsoft Exchange Server 2016 Cumulative Update 23",8.8,HIGH,0.0020099999383091927,false,,false,false,false,,,false,false,,2023-08-08T18:15:00.000Z,0
CVE-2023-35388,https://securityvulnerability.io/vulnerability/CVE-2023-35388,Microsoft Exchange Server Remote Code Execution Vulnerability,"A reported vulnerability in Microsoft Exchange Server allows for remote code execution, posing significant risks if exploited. Attackers may gain unauthorized control, compromising sensitive data and systems. It’s essential for organizations using affected versions to implement patches and improve security measures to mitigate this threat. Regular updates and vigilant monitoring are crucial strategies to protect against vulnerabilities of this nature.",Microsoft,"Microsoft Exchange Server 2019 Cumulative Update 13,Microsoft Exchange Server 2016 Cumulative Update 23,Microsoft Exchange Server 2019 Cumulative Update 12",8,HIGH,0.0020099999383091927,false,,false,false,false,,,false,false,,2023-08-08T18:15:00.000Z,0
CVE-2023-21709,https://securityvulnerability.io/vulnerability/CVE-2023-21709,Microsoft Exchange Server Elevation of Privilege Vulnerability,"The vulnerability in Microsoft Exchange Server allows attackers to gain elevated privileges, potentially compromising sensitive data and system integrity. It is crucial for organizations to apply the latest updates provided by Microsoft to mitigate this vulnerability and enhance their cybersecurity posture.",Microsoft,"Microsoft Exchange Server 2019 Cumulative Update 12,Microsoft Exchange Server 2016 Cumulative Update 23,Microsoft Exchange Server 2019 Cumulative Update 13",9.8,CRITICAL,0.00046999999904073775,false,,false,false,false,,,false,false,,2023-08-08T18:15:00.000Z,0
CVE-2023-35368,https://securityvulnerability.io/vulnerability/CVE-2023-35368,Microsoft Exchange Remote Code Execution Vulnerability,"A remote code execution vulnerability exists in Microsoft Exchange Server that could allow an attacker to run arbitrary code on the server. This issue arises when the software fails to properly handle requests. Exploitation of this vulnerability enables a malicious actor to execute commands with the same privileges as the Exchange Server service user, potentially compromising sensitive data and disrupting service. Organizations using affected versions of Microsoft Exchange Server are advised to review their security posture and apply necessary mitigations.",Microsoft,"Microsoft Exchange Server 2019 Cumulative Update 13,Microsoft Exchange Server 2016 Cumulative Update 23,Microsoft Exchange Server 2019 Cumulative Update 12",8.8,HIGH,0.002520000096410513,false,,false,false,false,,,false,false,,2023-08-08T18:15:00.000Z,0
CVE-2023-28310,https://securityvulnerability.io/vulnerability/CVE-2023-28310,Microsoft Exchange Server Remote Code Execution Vulnerability,"A remote code execution vulnerability in Microsoft Exchange Server allows an attacker to execute arbitrary code on the affected server. Exploitation of this vulnerability can lead to unauthorized access, data compromise, and potential disruption of services. It is critical for administrators to apply the necessary patches and updates to mitigate risks associated with this security flaw.",Microsoft,"Microsoft Exchange Server 2016 Cumulative Update 23,Microsoft Exchange Server 2019 Cumulative Update 12,Microsoft Exchange Server 2019 Cumulative Update 13",8,HIGH,0.0013099999632686377,false,,true,false,false,,,false,false,,2023-06-14T15:15:00.000Z,0
CVE-2023-32031,https://securityvulnerability.io/vulnerability/CVE-2023-32031,Microsoft Exchange Server Remote Code Execution Vulnerability,"The Microsoft Exchange Server vulnerability allows attackers to execute arbitrary code on the server, potentially leading to unauthorized access and data breaches. This issue arises from insufficient input validation in the Exchange Server software, creating a pathway for exploitation. Administrators should ensure that their systems are up to date with the latest patches and security updates to mitigate against this threat. For further details and a comprehensive guide, refer to the official Microsoft advisory.",Microsoft,"Microsoft Exchange Server 2019 Cumulative Update 12,Microsoft Exchange Server 2016 Cumulative Update 23,Microsoft Exchange Server 2019 Cumulative Update 13",8.8,HIGH,0.0018100000452250242,false,,true,false,true,2023-11-10T09:32:27.000Z,true,false,false,,2023-06-14T15:15:00.000Z,0
CVE-2023-21707,https://securityvulnerability.io/vulnerability/CVE-2023-21707,Microsoft Exchange Server Remote Code Execution Vulnerability,"A remote code execution vulnerability exists in Microsoft Exchange Server, which could allow an authenticated attacker to execute arbitrary code on the affected system. The flaw arises due to improper handling of requests. An attacker who successfully exploited this vulnerability could take control of the system and perform actions as an administrator. It is crucial for organizations to apply the relevant security updates and mitigate potential risks associated with this vulnerability.",Microsoft,"Microsoft Exchange Server 2016 Cumulative Update 23,Microsoft Exchange Server 2019 Cumulative Update 12,Microsoft Exchange Server 2019 Cumulative Update 11,Microsoft Exchange Server 2013 Cumulative Update 23",8.8,HIGH,0.003280000062659383,false,,false,false,true,2023-06-30T10:15:07.000Z,true,false,false,,2023-02-14T20:15:00.000Z,0
CVE-2023-21706,https://securityvulnerability.io/vulnerability/CVE-2023-21706,Microsoft Exchange Server Remote Code Execution Vulnerability,"A remote code execution vulnerability has been identified in Microsoft Exchange Server, allowing attackers to execute arbitrary code on affected systems. By exploiting this flaw, an unauthenticated attacker could potentially gain control over the server and its associated data. It is crucial for organizations using Exchange Server to assess their security posture and apply necessary patches to mitigate the risk.",Microsoft,"Microsoft Exchange Server 2019 Cumulative Update 12,Microsoft Exchange Server 2016 Cumulative Update 23,Microsoft Exchange Server 2019 Cumulative Update 11,Microsoft Exchange Server 2013 Cumulative Update 23",8.8,HIGH,0.0028699999675154686,false,,false,false,false,,,false,false,,2023-02-14T20:15:00.000Z,0
CVE-2023-21710,https://securityvulnerability.io/vulnerability/CVE-2023-21710,Microsoft Exchange Server Remote Code Execution Vulnerability,"A vulnerability exists in Microsoft Exchange Server that allows an attacker to execute arbitrary code on the server remotely. By exploiting this vulnerability, an unauthorized user could take control of the system, potentially leading to data breaches, unauthorized access, and other malicious activities. It is critical for organizations using affected versions of Microsoft Exchange Server to apply the necessary patches and updates to mitigate this security risk.",Microsoft,"Microsoft Exchange Server 2016 Cumulative Update 23,Microsoft Exchange Server 2019 Cumulative Update 11,Microsoft Exchange Server 2019 Cumulative Update 12",7.2,HIGH,0.0013899999903514981,false,,false,false,false,,,false,false,,2023-02-14T20:15:00.000Z,0
CVE-2023-21529,https://securityvulnerability.io/vulnerability/CVE-2023-21529,Remote Code Execution Vulnerability Affects Microsoft Exchange Server,"A vulnerability has been identified in Microsoft Exchange Server that allows for remote code execution. This security flaw could enable an attacker to execute arbitrary code on affected systems, potentially compromising data integrity and confidentiality. Organizations using Microsoft Exchange Server 2016 and 2019 are strongly encouraged to apply the latest security updates to mitigate this risk. Detailed information about the vulnerability and available patches can be found in the Microsoft advisory.",Microsoft,"Microsoft Exchange Server 2019 Cumulative Update 12,Microsoft Exchange Server 2019 Cumulative Update 11,Microsoft Exchange Server 2013 Cumulative Update 23,Microsoft Exchange Server 2016 Cumulative Update 23",8.8,HIGH,0.0017600000137463212,false,,false,false,true,2024-03-09T01:01:54.000Z,true,false,false,,2023-02-14T20:15:00.000Z,0