Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lync server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-4068
The Response Group Service in Microsoft Lync Server 2010 and 2013 and the Core Components in Lync Server 2013 do not properly handle exceptions, which allows remote malicious users to cause a denial of service (daemon hang) via a crafted call, aka "Lync Denial of Service Vul...
Microsoft Lync Server 2010
Microsoft Lync Server 2013
5.9
CVSSv3
CVE-2019-1029
A denial of service vulnerability exists in Skype for Business, aka 'Skype for Business and Lync Server Denial of Service Vulnerability'.
Microsoft Lync Server 2013
Microsoft Lync Server 2010
1 Article
NA
CVE-2014-1823
Cross-site scripting (XSS) vulnerability in the Web Components Server in Microsoft Lync Server 2010 and 2013 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL containing a valid meeting ID, aka "Lync Server Content Sanitization Vulnerabil...
Microsoft Lync Server 2013
Microsoft Lync Server 2010
NA
CVE-2013-1302
Microsoft Communicator 2007 R2, Lync 2010, Lync 2010 Attendee, and Lync Server 2013 do not properly handle objects in memory, which allows remote malicious users to execute arbitrary code via an invitation that triggers access to a deleted object, aka "Lync RCE Vulnerability...
Microsoft Lync Server 2013
Microsoft Office Communicator 2007
Microsoft Lync 2010
NA
CVE-2015-2532
Cross-site scripting (XSS) vulnerability in Microsoft Lync Server 2013 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL, aka "Lync Server XSS Information Disclosure Vulnerability."
Microsoft Lync Server 2013
NA
CVE-2014-4070
Cross-site scripting (XSS) vulnerability in the Web Components Server in Microsoft Lync Server 2013 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL, aka "Lync XSS Information Disclosure Vulnerability."
Microsoft Lync Server 2013
NA
CVE-2014-4071
The Server in Microsoft Lync Server 2013 allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon hang) via a crafted request, aka "Lync Denial of Service Vulnerability."
Microsoft Lync Server 2013
NA
CVE-2013-3906
GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote malicious users to execute arbitrary code via a crafted TIFF image, as demonst...
Microsoft Office 2010
Microsoft Office 2007
Microsoft Office 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Lync 2010
Microsoft Lync 2013
Microsoft Lync Basic 2013
1 EDB exploit
2 Github repositories
5 Articles
NA
CVE-2015-2536
Cross-site scripting (XSS) vulnerability in Microsoft Lync Server 2013 and Skype for Business Server 2015 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL, aka "Skype for Business Server and Lync Server XSS Elevation of Privilege Vulnera...
Microsoft Lync Server 2013
Microsoft Skype For Business Server 2015
6.5
CVSSv3
CVE-2021-26421
Skype for Business and Lync Spoofing Vulnerability
Microsoft Skype For Business Server 2015
Microsoft Lync Server 2013
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »