Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lync vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-6061
Cross-site scripting (XSS) vulnerability in Microsoft Skype for Business 2016, Lync 2010 and 2013 SP1, Lync 2010 Attendee, and Lync Room System allows remote malicious users to inject arbitrary web script or HTML via an instant-message session, aka "Server Input Validation I...
Microsoft Skype For Business 2016
Microsoft Lync Room System -
Microsoft Lync 2010
Microsoft Lync 2013
4.3
CVSSv2
CVE-2014-1823
Cross-site scripting (XSS) vulnerability in the Web Components Server in Microsoft Lync Server 2010 and 2013 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL containing a valid meeting ID, aka "Lync Server Content Sanitization Vulnerabil...
Microsoft Lync Server 2013
Microsoft Lync Server 2010
5
CVSSv2
CVE-2014-4068
The Response Group Service in Microsoft Lync Server 2010 and 2013 and the Core Components in Lync Server 2013 do not properly handle exceptions, which allows remote malicious users to cause a denial of service (daemon hang) via a crafted call, aka "Lync Denial of Service Vul...
Microsoft Lync Server 2010
Microsoft Lync Server 2013
7.1
CVSSv2
CVE-2019-1029
A denial of service vulnerability exists in Skype for Business, aka 'Skype for Business and Lync Server Denial of Service Vulnerability'.
Microsoft Lync Server 2013
Microsoft Lync Server 2010
1 Article
9.3
CVSSv2
CVE-2013-1302
Microsoft Communicator 2007 R2, Lync 2010, Lync 2010 Attendee, and Lync Server 2013 do not properly handle objects in memory, which allows remote malicious users to execute arbitrary code via an invitation that triggers access to a deleted object, aka "Lync RCE Vulnerability...
Microsoft Lync Server 2013
Microsoft Office Communicator 2007
Microsoft Lync 2010
9.3
CVSSv2
CVE-2015-2431
Microsoft Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, and Lync Basic 2013 SP1 allow remote malicious users to execute arbitrary code via a crafted Office Graphics Library (OGL) font, aka "Microsoft Office Graphics Co...
Microsoft Lync Basic 2013
Microsoft Office 2010
Microsoft Lync 2010
Microsoft Live Meeting 2007
1 EDB exploit
9.3
CVSSv2
CVE-2013-3906
GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote malicious users to execute arbitrary code via a crafted TIFF image, as demonst...
Microsoft Office 2010
Microsoft Office 2007
Microsoft Office 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Lync 2010
Microsoft Lync 2013
Microsoft Lync Basic 2013
1 EDB exploit
2 Github repositories
5 Articles
4.3
CVSSv2
CVE-2019-1209
An information disclosure vulnerability exists in Lync 2013, aka 'Lync 2013 Information Disclosure Vulnerability'.
Microsoft Lync 2013
1 Article
9.3
CVSSv2
CVE-2012-1849
Untrusted search path vulnerability in Microsoft Lync 2010, 2010 Attendee, and 2010 Attendant allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .ocsmeet file, aka "Lync Insecure Libra...
Microsoft Lync 2010
4.3
CVSSv2
CVE-2014-4070
Cross-site scripting (XSS) vulnerability in the Web Components Server in Microsoft Lync Server 2013 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL, aka "Lync XSS Information Disclosure Vulnerability."
Microsoft Lync Server 2013
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »