cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score CVE-2024-20695,https://securityvulnerability.io/vulnerability/CVE-2024-20695,Skype for Business Information Disclosure Vulnerability,Skype for Business Information Disclosure Vulnerability,Microsoft,Skype For Business Server 2019 Cu7,5.7,MEDIUM,0.0005300000193528831,false,false,false,false,,false,false,2024-02-13T18:02:28.146Z,0 CVE-2024-20673,https://securityvulnerability.io/vulnerability/CVE-2024-20673,Microsoft Office Remote Code Execution Vulnerability,"A vulnerability exists in Microsoft Office where maliciously crafted documents can potentially allow an attacker to execute arbitrary code on a user's system. This occurs when a user opens a specially crafted Office file that can lead to unauthorized access and control over the affected system. The vulnerability highlights significant risks posed to users, emphasizing the necessity for prompt updates and security best practices to mitigate potential exploits.",Microsoft,"Microsoft Office 2019,Microsoft Office Ltsc 2021,Microsoft Excel 2016,Microsoft Office 2016,Microsoft Powerpoint 2016,Microsoft Visio 2016,Microsoft Word 2016,Microsoft Publisher 2016,Skype For Business 2016",7.8,HIGH,0.0005300000193528831,false,false,false,false,,false,false,2024-02-13T18:02:25.889Z,0 CVE-2023-36780,https://securityvulnerability.io/vulnerability/CVE-2023-36780,Skype for Business Remote Code Execution Vulnerability,Skype for Business Remote Code Execution Vulnerability,Microsoft,"Skype For Business Server 2019 Cu7,Skype For Business Server 2015 Cu13",7.2,HIGH,0.0021299999207258224,false,false,false,false,,false,false,2023-10-10T18:15:00.000Z,0 CVE-2023-36786,https://securityvulnerability.io/vulnerability/CVE-2023-36786,Skype for Business Remote Code Execution Vulnerability,Skype for Business Remote Code Execution Vulnerability,Microsoft,"Skype For Business Server 2015 Cu13,Skype For Business Server 2019 Cu7",7.2,HIGH,0.0021299999207258224,false,false,false,false,,false,false,2023-10-10T18:15:00.000Z,0 CVE-2023-36789,https://securityvulnerability.io/vulnerability/CVE-2023-36789,Skype for Business Remote Code Execution Vulnerability,Skype for Business Remote Code Execution Vulnerability,Microsoft,"Skype For Business Server 2019 Cu7,Skype For Business Server 2015 Cu13",7.2,HIGH,0.0019399999873712659,false,false,false,false,,false,false,2023-10-10T18:15:00.000Z,0 CVE-2023-41763,https://securityvulnerability.io/vulnerability/CVE-2023-41763,Skype for Business Elevation of Privilege Vulnerability,Skype for Business Elevation of Privilege Vulnerability,Microsoft,"Skype For Business Server 2015 Cu13,Skype For Business Server 2019 Cu7",5.3,MEDIUM,0.07573000341653824,true,true,false,true,,false,false,2023-10-10T18:15:00.000Z,0 CVE-2022-33633,https://securityvulnerability.io/vulnerability/CVE-2022-33633,Skype for Business and Lync Remote Code Execution Vulnerability,Skype for Business and Lync Remote Code Execution Vulnerability,Microsoft,"Microsoft Lync Server 2013 Cu10,Skype For Business Server 2015 Cu12,Skype For Business Server 2019 Cu6",7.2,HIGH,0.04531000182032585,false,false,false,false,,false,false,2022-07-12T23:15:00.000Z,0 CVE-2022-26911,https://securityvulnerability.io/vulnerability/CVE-2022-26911,Skype for Business Information Disclosure Vulnerability,Skype for Business Information Disclosure Vulnerability,Microsoft,"Microsoft Lync Server 2013 Cu10,Skype For Business Server 2015 Cu12,Skype For Business Server 2019 Cu6",6.5,MEDIUM,0.0006900000153109431,false,false,false,false,,false,false,2022-04-15T19:05:48.000Z,0 CVE-2022-26910,https://securityvulnerability.io/vulnerability/CVE-2022-26910,Skype for Business and Lync Spoofing Vulnerability,Skype for Business and Lync Spoofing Vulnerability,Microsoft,"Skype For Business Server 2015 Cu12,Skype For Business Server 2019 Cu6",5.3,MEDIUM,0.05527999997138977,false,false,false,false,,false,false,2022-04-15T19:05:46.000Z,0 CVE-2021-26422,https://securityvulnerability.io/vulnerability/CVE-2021-26422,Skype for Business and Lync Remote Code Execution Vulnerability,Skype for Business and Lync Remote Code Execution Vulnerability,Microsoft,"Microsoft Lync Server 2013 Cu10,Skype For Business Server 2019 Cu5,Skype For Business Server 2015 Cu11",7.2,HIGH,0.01874000020325184,false,false,false,false,,false,false,2021-05-11T19:11:13.000Z,0 CVE-2021-26421,https://securityvulnerability.io/vulnerability/CVE-2021-26421,Skype for Business and Lync Spoofing Vulnerability,Skype for Business and Lync Spoofing Vulnerability,Microsoft,"Skype For Business Server 2015 Cu11,Microsoft Lync Server 2013 Cu10",6.5,MEDIUM,0.001769999973475933,false,false,false,false,,false,false,2021-05-11T19:11:12.000Z,0 CVE-2021-24099,https://securityvulnerability.io/vulnerability/CVE-2021-24099,Skype for Business and Lync Denial of Service Vulnerability,Skype for Business and Lync Denial of Service Vulnerability,Microsoft,"Skype For Business Server 2019 Cu2,Skype For Business Server 2015 Cu 8,Microsoft Lync Server 2013",6.5,MEDIUM,0.002420000033453107,false,false,false,false,,false,false,2021-02-25T23:01:51.000Z,0 CVE-2021-24073,https://securityvulnerability.io/vulnerability/CVE-2021-24073,Skype for Business and Lync Spoofing Vulnerability,Skype for Business and Lync Spoofing Vulnerability,Microsoft,"Skype For Business Server 2015 Cu 8,Microsoft Lync Server 2013",6.5,MEDIUM,0.001769999973475933,false,false,false,false,,false,false,2021-02-25T23:01:37.000Z,0 CVE-2020-1025,https://securityvulnerability.io/vulnerability/CVE-2020-1025,Microsoft Office Elevation of Privilege Vulnerability,"An elevation of privilege vulnerability exists when Microsoft SharePoint Server and Skype for Business Server improperly handle OAuth token validation. An attacker who successfully exploited the vulnerability could bypass authentication and achieve improper access. To exploit this vulnerability, an attacker would need to modify the token. The update addresses the vulnerability by modifying how Microsoft SharePoint Server and Skype for Business Server validate tokens. ",Microsoft,"Skype For Business Server 2019 Cu2,Skype For Business Server 2015 Cu 8,Microsoft Lync Server 2013,Microsoft Sharepoint Enterprise Server 2016,Microsoft Sharepoint Server 2019,Microsoft Sharepoint Foundation 2013 Service Pack 1",9.8,CRITICAL,0.004209999926388264,false,false,false,false,,false,false,2020-07-14T23:15:00.000Z,0 CVE-2019-1490,https://securityvulnerability.io/vulnerability/CVE-2019-1490,,"A spoofing vulnerability exists when a Skype for Business Server does not properly sanitize a specially crafted request, aka 'Skype for Business Server Spoofing Vulnerability'.",Microsoft,Skype For Business Server 2019 Cu2,5.4,MEDIUM,0.0005300000193528831,false,false,false,false,,false,false,2019-12-10T21:41:08.000Z,0 CVE-2019-1084,https://securityvulnerability.io/vulnerability/CVE-2019-1084,,"An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to conversations, remain invisible. This security update addresses the issue by validating display names upon creation in Microsoft Exchange, and by rendering invalid display names correctly in Microsoft Outlook clients., aka 'Microsoft Exchange Information Disclosure Vulnerability'.",Microsoft,"Microsoft Exchange Server,Microsoft Outlook,Microsoft Office,Microsoft Lync,Microsoft Lync Basic,Microsoft Outlook For Android,Skype For Business,Skype For Business Basic,Office 365 Proplus,Microsoft Exchange Server 2016,Microsoft Exchange Server 2019,Microsoft Exchange Server 2013,Mail And Calendar,Outlook For iOS",6.5,MEDIUM,0.0025100000202655792,false,false,false,false,,false,false,2019-07-15T18:56:21.000Z,0 CVE-2019-0798,https://securityvulnerability.io/vulnerability/CVE-2019-0798,,"A spoofing vulnerability exists when a Lync Server or Skype for Business Server does not properly sanitize a specially crafted request, aka 'Skype for Business and Lync Spoofing Vulnerability'.",Microsoft,"Skype For Business Server 2015,Microsoft Lync Server 2013",6.1,MEDIUM,0.0014299999456852674,false,false,false,false,,false,false,2019-04-09T02:33:50.000Z,0 CVE-2017-11786,https://securityvulnerability.io/vulnerability/CVE-2017-11786,,"Skype for Business in Microsoft Lync 2013 SP1 and Skype for Business 2016 allows an attacker to steal an authentication hash that can be reused elsewhere, due to how Skype for Business handles authentication requests, aka ""Skype for Business Elevation of Privilege Vulnerability.""",Microsoft,Skype For Business,8.8,HIGH,0.0072200000286102295,false,false,false,false,,false,false,2017-10-10T00:00:00.000Z,0 CVE-2017-8696,https://securityvulnerability.io/vulnerability/CVE-2017-8696,,"Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Add-in and Console allows an attacker to execute code remotely via a specially crafted website or a specially crafted document or email attachment, aka ""Microsoft Graphics Component Remote Code Execution.""",Microsoft,"Office 2010,Live Meeting,Lync,Windows 7,Office Web Apps,Windows Server 2008,Office Word Viewer,Skype For Business,Office 2007",7.5,HIGH,0.7000899910926819,false,false,false,false,,false,false,2017-09-13T01:00:00.000Z,0 CVE-2017-8550,https://securityvulnerability.io/vulnerability/CVE-2017-8550,,"A remote code execution vulnerability exists in Skype for Business when the software fails to sanitize specially crafted content, aka ""Skype for Business Remote Code Execution Vulnerability"".",Microsoft,Skype For Business,5.4,MEDIUM,0.13694000244140625,false,false,false,false,,false,false,2017-06-15T01:00:00.000Z,0 CVE-2016-3263,https://securityvulnerability.io/vulnerability/CVE-2016-3263,,"Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Console allows remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka ""GDI+ Information Disclosure Vulnerability,"" a different vulnerability than CVE-2016-3262.",Microsoft,"Word Viewer,Live Meeting,Windows Server 2012,Lync,Office,Windows 10,Windows 8.1,Windows Server 2008,Skype For Business,Windows 7,Windows Rt 8.1,Windows Vista",5.5,MEDIUM,0.48535001277923584,false,false,false,false,,false,false,2016-10-14T01:00:00.000Z,0 CVE-2016-3396,https://securityvulnerability.io/vulnerability/CVE-2016-3396,,"Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Console allows remote attackers to execute arbitrary code via a crafted embedded font, aka ""GDI+ Remote Code Execution Vulnerability.""",Microsoft,"Word Viewer,Live Meeting,Windows Server 2012,Lync,Office,Windows 10,Windows 8.1,Windows Server 2008,Skype For Business,Windows 7,Windows Rt 8.1,Windows Vista",7.8,HIGH,0.23093000054359436,false,false,false,false,,false,false,2016-10-14T01:00:00.000Z,0 CVE-2016-3209,https://securityvulnerability.io/vulnerability/CVE-2016-3209,,"Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; Live Meeting 2007 Console; .NET Framework 3.0 SP2, 3.5, 3.5.1, 4.5.2, and 4.6; and Silverlight 5 allows remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka ""True Type Font Parsing Information Disclosure Vulnerability.""",Microsoft,"Word Viewer,.net Framework,Live Meeting,Windows Server 2012,Lync,Office,Windows 10,Windows 8.1,Windows Server 2008,Silverlight,Skype For Business,Windows 7,Windows Rt 8.1,Windows Vista",5.5,MEDIUM,0.015790000557899475,false,false,false,false,,false,false,2016-10-14T01:00:00.000Z,0 CVE-2016-3262,https://securityvulnerability.io/vulnerability/CVE-2016-3262,,"Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Console allows remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka ""GDI+ Information Disclosure Vulnerability,"" a different vulnerability than CVE-2016-3263.",Microsoft,"Word Viewer,Live Meeting,Windows Server 2012,Lync,Office,Windows 10,Windows 8.1,Windows Server 2008,Skype For Business,Windows 7,Windows Rt 8.1,Windows Vista",5.5,MEDIUM,0.48535001277923584,false,false,false,false,,false,false,2016-10-14T01:00:00.000Z,0 CVE-2016-7182,https://securityvulnerability.io/vulnerability/CVE-2016-7182,,"The Graphics component in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Console allows attackers to execute arbitrary code via a crafted True Type font, aka ""True Type Font Parsing Elevation of Privilege Vulnerability.""",Microsoft,"Word Viewer,Live Meeting,Windows Server 2012,Lync,Office,Windows 10,Windows 8.1,Windows Server 2008,Skype For Business,Windows 7,Windows Rt 8.1,Windows Vista",9.8,CRITICAL,0.020330000668764114,false,false,false,false,,false,false,2016-10-14T01:00:00.000Z,0