Microsoft lync server
This hub aggregates every CVE we track for Microsoft lync server, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.
21
CVEs tracked
3
Critical
3
High
1
In CISA KEV
Severity distribution
MEDIUM15HIGH3CRITICAL3
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Microsoft lync server.
- CVE-2022-33633Skype for Business and Lync Remote Code Execution Vulnerability7.2
- CVE-2022-26911Skype for Business Information Disclosure Vulnerability6.5
- CVE-2021-26422Skype for Business and Lync Remote Code Execution Vulnerability7.2
- CVE-2021-26421Skype for Business and Lync Spoofing Vulnerability6.5
- CVE-2021-24099Skype for Business and Lync Denial of Service Vulnerability6.5
- CVE-2021-24073Skype for Business and Lync Spoofing Vulnerability6.5
- CVE-2020-1025Microsoft Office Elevation of Privilege Vulnerability9.8
- CVE-2019-1209An information disclosure vulnerability exists in Lync 2013, aka 'Lync 2013 Information Disclosure Vulnerability'.6.5
- CVE-2019-1029Skype for Business and Lync Server Denial of Service Vulnerability5.9
- CVE-2019-0798A spoofing vulnerability exists when a Lync Server or Skype for Business Server does not properly sanitize a specially crafted request, aka 'Skype for Business and Lync Spoofing Vulnerability'.6.1
- CVE-2019-0624A spoofing vulnerability exists when a Skype for Business 2015 server does not properly sanitize a specially crafted request, aka "Skype for Business 2015 Spoofing Vulnerability." This affects Skype.5.4
- CVE-2015-2536Cross-site scripting (XSS) vulnerability in Microsoft Lync Server 2013 and Skype for Business Server 2015 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Skyp...4.3
- CVE-2015-2532Cross-site scripting (XSS) vulnerability in Microsoft Lync Server 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Lync Server XSS Information Disclosure ...4.3
- CVE-2015-2531Cross-site scripting (XSS) vulnerability in the jQuery engine in Microsoft Lync Server 2013 and Skype for Business Server 2015 allows remote attackers to inject arbitrary web script or HTML via a c...4.3
- CVE-2014-4071The Server in Microsoft Lync Server 2013 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon hang) via a crafted request, aka "Lync Denial of Service Vulnerabi...5.0
Product normalization is registry-driven with AI assist and human review. How it works