Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (239 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2018-8581 1 Microsoft 1 Exchange Server 2025-10-28 7.4 High
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.
CVE-2017-8540 1 Microsoft 19 Endpoint Protection, Exchange Server, Forefront Endpoint Protection and 16 more 2025-10-22 7.8 High
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability", a different vulnerability than CVE-2017-8538 and CVE-2017-8541.
CVE-2025-25007 1 Microsoft 1 Exchange Server 2025-09-17 5.3 Medium
Improper validation of syntactic correctness of input in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
CVE-2025-25006 1 Microsoft 1 Exchange Server 2025-09-17 5.3 Medium
Improper handling of additional special element in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
CVE-2025-25005 1 Microsoft 1 Exchange Server 2025-09-17 6.5 Medium
Improper input validation in Microsoft Exchange Server allows an authorized attacker to perform tampering over a network.
CVE-2025-33051 1 Microsoft 1 Exchange Server 2025-09-17 7.5 High
Exposure of sensitive information to an unauthorized actor in Microsoft Exchange Server allows an unauthorized attacker to disclose information over a network.
CVE-2020-17143 1 Microsoft 1 Exchange Server 2025-08-28 8.8 High
Microsoft Exchange Server Information Disclosure Vulnerability
CVE-2020-17142 1 Microsoft 1 Exchange Server 2025-08-28 9.1 Critical
Microsoft Exchange Remote Code Execution Vulnerability
CVE-2020-17141 1 Microsoft 1 Exchange Server 2025-08-28 8.4 High
Microsoft Exchange Remote Code Execution Vulnerability
CVE-2020-17132 1 Microsoft 1 Exchange Server 2025-08-28 9.1 Critical
Microsoft Exchange Remote Code Execution Vulnerability
CVE-2020-17117 1 Microsoft 1 Exchange Server 2025-08-28 6.6 Medium
Microsoft Exchange Remote Code Execution Vulnerability
CVE-2021-26855 1 Microsoft 1 Exchange Server 2025-07-30 9.1 Critical
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2021-27065 1 Microsoft 1 Exchange Server 2025-07-30 7.8 High
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2021-31207 1 Microsoft 1 Exchange Server 2025-07-30 6.6 Medium
Microsoft Exchange Server Security Feature Bypass Vulnerability
CVE-2021-31196 1 Microsoft 1 Exchange Server 2025-07-30 7.2 High
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2021-33766 1 Microsoft 1 Exchange Server 2025-07-30 7.3 High
Microsoft Exchange Server Information Disclosure Vulnerability
CVE-2021-42321 1 Microsoft 1 Exchange Server 2025-07-30 8.8 High
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2024-49040 1 Microsoft 1 Exchange Server 2025-07-08 7.5 High
Microsoft Exchange Server Spoofing Vulnerability
CVE-2022-23277 1 Microsoft 1 Exchange Server 2025-07-08 8.8 High
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2022-24463 1 Microsoft 1 Exchange Server 2025-07-08 6.5 Medium
Microsoft Exchange Server Spoofing Vulnerability