Home/Product/microsoft skype for business
Product

microsoft skype for business

33 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2024-20673
all versions
Microsoft Office Remote Code Execution Vulnerability
7.8HIGH
 CVE-2022-33633
all versions
Skype for Business and Lync Remote Code Execution Vulnerability
7.2HIGH
 CVE-2020-1025
all versions
An elevation of privilege vulnerability exists when Microsoft SharePoint Server and Skype for Business Server improperly handle OA
9.8CRITICAL
 CVE-2019-1490
all versions
A spoofing vulnerability exists when a Skype for Business Server does not properly sanitize a specially crafted request, aka 'Skyp
5.4MEDIUM
 CVE-2019-1084
all versions
An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable c
6.5MEDIUM
 CVE-2019-0624
all versions
A spoofing vulnerability exists when a Skype for Business 2015 server does not properly sanitize a specially crafted request, aka
5.4MEDIUM
 CVE-2018-8546
all versions
A denial of service vulnerability exists in Skype for Business, aka "Microsoft Skype for Business Denial of Service Vulnerability.
5.9MEDIUM
 CVE-2018-8311
all versions
A remote code execution vulnerability exists when Skype for Business and Microsoft Lync clients fail to properly sanitize speciall
8.8HIGH
 CVE-2018-8238
all versions
A security feature bypass vulnerability exists when Skype for Business or Lync do not properly parse UNC path links shared via mes
7.8HIGH
 CVE-2017-11786
all versions
Skype for Business in Microsoft Lync 2013 SP1 and Skype for Business 2016 allows an attacker to steal an authentication hash that
8.8HIGH
 CVE-2017-8696
all versions
Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Office 2007 SP3; Office 2010 SP2; Word Viewer; O
7.5HIGH
 CVE-2017-8695
all versions
Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Wi
5.3MEDIUM
 CVE-2017-8676
all versions
The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows S
3.3LOW
 CVE-2017-8527
all versions
Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windo
8.8HIGH
 CVE-2017-0283
all versions
Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Wind
8.8HIGH
 CVE-2017-0281
all versions
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2016, Office Online Server 2016, Office Web Apps 2010 SP2,Offi
7.8HIGH
 CVE-2017-0108
all versions
The Windows Graphics Component in Microsoft Office 2007 SP3; 2010 SP2; and Word Viewer; Skype for Business 2016; Lync 2013 SP1; Ly
7.8HIGH
 CVE-2017-0073
all versions
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1
4.3MEDIUM
 CVE-2017-0060
all versions
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1
5.5MEDIUM
 CVE-2016-7182
all versions
The Graphics component in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Ser
9.8CRITICAL
 CVE-2016-3396
all versions
Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Win
7.8HIGH
 CVE-2016-3263
all versions
Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Win
5.5MEDIUM
 CVE-2016-3262
all versions
Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Win
5.5MEDIUM
 CVE-2016-3209
all versions
Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Win
5.5MEDIUM
 CVE-2016-3304
all versions
The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Office 2007 SP3, Offic
7.8HIGH
 CVE-2016-3303
all versions
The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Office 2007 SP3, Offic
7.8HIGH
 CVE-2016-3301
all versions
The Windows font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows S
7.8HIGH
 CVE-2016-0145
all versions
The font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 20
8.8HIGH
 CVE-2015-6108
all versions
The Windows font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8; Windows 8.1
 CVE-2015-6107
all versions
The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1
 CVE-2015-6106
all versions
The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2, Office 2007 SP3, Office 2010 SP2, Word Viewer, S
 CVE-2015-6061
all versions
Cross-site scripting (XSS) vulnerability in Microsoft Skype for Business 2016, Lync 2010 and 2013 SP1, Lync 2010 Attendee, and Lyn
 CVE-2015-2503
all versions
Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin