Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lync server vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv2
CVE-2019-1029
A denial of service vulnerability exists in Skype for Business, aka 'Skype for Business and Lync Server Denial of Service Vulnerability'.
Microsoft Lync Server 2013
Microsoft Lync Server 2010
1 Article
5
CVSSv2
CVE-2014-4068
The Response Group Service in Microsoft Lync Server 2010 and 2013 and the Core Components in Lync Server 2013 do not properly handle exceptions, which allows remote malicious users to cause a denial of service (daemon hang) via a crafted call, aka "Lync Denial of Service Vul...
Microsoft Lync Server 2010
Microsoft Lync Server 2013
4.3
CVSSv2
CVE-2014-1823
Cross-site scripting (XSS) vulnerability in the Web Components Server in Microsoft Lync Server 2010 and 2013 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL containing a valid meeting ID, aka "Lync Server Content Sanitization Vulnerabil...
Microsoft Lync Server 2013
Microsoft Lync Server 2010
9.3
CVSSv2
CVE-2013-1302
Microsoft Communicator 2007 R2, Lync 2010, Lync 2010 Attendee, and Lync Server 2013 do not properly handle objects in memory, which allows remote malicious users to execute arbitrary code via an invitation that triggers access to a deleted object, aka "Lync RCE Vulnerability...
Microsoft Lync Server 2013
Microsoft Office Communicator 2007
Microsoft Lync 2010
4.3
CVSSv2
CVE-2015-2532
Cross-site scripting (XSS) vulnerability in Microsoft Lync Server 2013 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL, aka "Lync Server XSS Information Disclosure Vulnerability."
Microsoft Lync Server 2013
5
CVSSv2
CVE-2014-4071
The Server in Microsoft Lync Server 2013 allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon hang) via a crafted request, aka "Lync Denial of Service Vulnerability."
Microsoft Lync Server 2013
4.3
CVSSv2
CVE-2014-4070
Cross-site scripting (XSS) vulnerability in the Web Components Server in Microsoft Lync Server 2013 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL, aka "Lync XSS Information Disclosure Vulnerability."
Microsoft Lync Server 2013
9.3
CVSSv2
CVE-2013-3906
GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote malicious users to execute arbitrary code via a crafted TIFF image, as demonst...
Microsoft Office 2010
Microsoft Office 2007
Microsoft Office 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Lync 2010
Microsoft Lync 2013
Microsoft Lync Basic 2013
1 EDB exploit
2 Github repositories
5 Articles
4.3
CVSSv2
CVE-2019-0798
A spoofing vulnerability exists when a Lync Server or Skype for Business Server does not properly sanitize a specially crafted request, aka 'Skype for Business and Lync Spoofing Vulnerability'.
Microsoft Lync Server 2013
Microsoft Skype For Business Server 2015
1 Article
5.8
CVSSv2
CVE-2021-24073
Skype for Business and Lync Spoofing Vulnerability
Microsoft Lync Server 2013
Microsoft Skype For Business Server 2015
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »