National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): Skype 2018
  • Search Type: Search All
There are 8 matching records.
Vuln ID Summary CVSS Severity
CVE-2018-8546

A denial of service vulnerability exists in Skype for Business, aka "Microsoft Skype for Business Denial of Service Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Lync, Skype.

Published: November 13, 2018; 08:29:00 PM -05:00
(not available)
CVE-2018-18568

Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allows man-in-the-middle attackers to obtain sensitive credential information by leveraging failure to validate X.509 certificates when used with an on-premise installation with Skype for Business.

Published: October 24, 2018; 06:29:01 PM -04:00
V3: 5.9 MEDIUM
V2: 4.3 MEDIUM
CVE-2018-18567

AudioCodes 440HD and 450HD devices 3.1.2.89 and earlier allows man-in-the-middle attackers to obtain sensitive credential information by leveraging failure to validate X.509 certificates when used with an on-premise installation with Skype for Business.

Published: October 24, 2018; 06:29:01 PM -04:00
V3: 5.9 MEDIUM
V2: 4.3 MEDIUM
CVE-2018-18566

The SIP service in Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allow remote attackers to obtain sensitive phone configuration information by leveraging use with an on-premise installation with Skype for Business.

Published: October 24, 2018; 06:29:01 PM -04:00
V3: 5.3 MEDIUM
V2: 5.0 MEDIUM
CVE-2018-8311

A remote code execution vulnerability exists when Skype for Business and Microsoft Lync clients fail to properly sanitize specially crafted content, aka "Remote Code Execution Vulnerability in Skype For Business and Lync." This affects Skype, Microsoft Lync.

Published: July 10, 2018; 08:29:02 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2018-8238

A security feature bypass vulnerability exists when Skype for Business or Lync do not properly parse UNC path links shared via messages, aka "Skype for Business and Lync Security Feature Bypass Vulnerability." This affects Skype, Microsoft Lync.

Published: July 10, 2018; 08:29:00 PM -04:00
V3: 7.8 HIGH
V2: 9.3 HIGH
CVE-2018-0595

Untrusted search path vulnerability in the installer of Skype for Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

Published: June 26, 2018; 10:29:01 AM -04:00
V3: 7.8 HIGH
V2: 6.8 MEDIUM
CVE-2018-0594

Untrusted search path vulnerability in Skype for Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

Published: June 26, 2018; 10:29:01 AM -04:00
V3: 7.8 HIGH
V2: 6.8 MEDIUM