threat
engine
.sh
Back
·
··:··
Home
/
Product
/
skype technologies skype
Product
skype technologies skype
30 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2024-21411
< 8.113
Skype for Consumer Remote Code Execution Vulnerability
8.8
HIGH
CVE-2020-24003
<= 8.59.0.77
Microsoft Skype through 8.59.0.77 on macOS has the disable-library-validation entitlement, which allows a local process (with the
3.3
LOW
CVE-2019-0932
all versions
An information disclosure vulnerability exists in Skype for Android, aka 'Skype for Android Information Disclosure Vulnerability'.
5.9
MEDIUM
CVE-2019-0622
all versions
An elevation of privilege vulnerability exists when Skype for Andriod fails to properly handle specific authentication requests, a
4.6
MEDIUM
CVE-2018-0595
all versions
Untrusted search path vulnerability in the installer of Skype for Windows allows an attacker to gain privileges via a Trojan horse
7.8
HIGH
CVE-2018-0594
all versions
Untrusted search path vulnerability in Skype for Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspec
7.8
HIGH
CVE-2017-9948
all versions
A stack buffer overflow vulnerability has been discovered in Microsoft Skype 7.2, 7.35, and 7.36 before 7.37, involving MSFTEDIT.D
8.8
HIGH
CVE-2017-6517
all versions
Microsoft Skype 7.16.0.102 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code
9.8
CRITICAL
CVE-2016-5720
all versions
Multiple untrusted search path vulnerabilities in Microsoft Skype allow local users to execute arbitrary code and conduct DLL hija
7.8
HIGH
CVE-2011-2074
all versions
Unspecified vulnerability in the client in Skype 5.x before 5.1.0.922 on Mac OS X allows remote authenticated users to execute arb
CVE-2011-1717
all versions
Skype for Android stores sensitive user data without encryption in sqlite3 databases that have weak permissions, which allows loca
CVE-2010-3136
<= 4.2.0.169
Untrusted search path vulnerability in Skype 4.2.0.169 and earlier allows local users, and possibly remote attackers, to execute a
CVE-2009-4741
<= 4.1.0.166
Unspecified vulnerability in the Extras Manager before 2.0.0.67 in Skype before 4.1.0.179 on Windows has unknown impact and attack
CVE-2008-5697
all versions
The skype_tool.copy_num method in the Skype extension BETA 2.2.0.95 for Firefox allows remote attackers to write arbitrary data to
CVE-2008-2545
<= 3.8.0.115
Skype 3.6.0.248, and other versions before 3.8.0.139, uses a case-sensitive comparison when checking for dangerous extensions, whi
CVE-2008-1805
<= 3.8.0.115
Incomplete blacklist vulnerability in Skype 3.6.0.248, and other versions before 3.8.0.139, allows user-assisted remote attackers
CVE-2008-0583
all versions
Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.6.0.244, and earlier 3.5.x and 3.6.x versions,
CVE-2008-0582
all versions
Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.1 through 3.6.0.244 on Windows allows remote at
CVE-2008-0454
<= 3.6.0.244
Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.6.0.244, and earlier 3.5.x and 3.6.x versions,
CVE-2007-5989
all versions
Unspecified vulnerability in the skype4com URI handler in Skype before 3.6 GOLD allows remote attackers to execute arbitrary code
CVE-2007-4429
all versions
Unspecified vulnerability in Skype allows remote attackers to cause a denial of service (server hang) via unknown vectors related
CVE-2006-5084
<= 1.5.0.79
Format string vulnerability in the NSRunAlertPanel function in eBay Skype for Mac 1.5.*.79 and earlier allows remote attackers to
CVE-2006-2312
< 2.0.0.105
Argument injection vulnerability in the URI handler in Skype 2.0.
.104 and 2.5.
.0 through 2.5.*.78 for Windows allows remote auth
CVE-2005-3267
all versions
Integer overflow in Skype client before 1.4.x.84 on Windows, before 1.3.x.17 on Mac OS, before 1.2.x.18 on Linux, and 1.1.x.6 and
CVE-2005-3265
all versions
Buffer overflow in Skype for Windows 1.1.x.0 through 1.4.x.83 allows remote attackers to execute arbitrary code via (1) callto://
CVE-2005-2300
<= 1.1.0.20
Skype 1.1.0.20 and earlier allows local users to overwrite arbitrary files via a symlink attack on the skype_profile.jpg temporary
CVE-2005-1407
all versions
Skype for Windows 1.2.0.0 to 1.2.0.46 allows local users to bypass the identity check for an authorized application, then call arb
CVE-2004-1114
all versions
Buffer overflow in the handling of command line arguments in Skype 1.0.x.94 through 1.0.x.98 allows remote attackers to execute ar
CVE-2004-1777
<= 0.98.0.27
A "range check error" in Skype for Windows before 0.98.0.28 allows local and remote attackers to cause a denial of service (applic
CVE-2004-1778
all versions
Skype 0.92.0.12 and 1.0.0.1 for Linux, and possibly other versions, creates the /usr/share/skype/lang directory with world-writabl
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin