Skype Technologies Skype — known CVE vulnerabilities
Every CVE whose affected-product data names Skype Technologies Skype, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2005-3267 — CVSS 10.0 (critical): Integer overflow in Skype client before 1.4.x.84 on Windows, before 1.3.x.17 on Mac OS, before 1.2.x.18 on Linux, and 1.1.x.6 and earlier…
CVE-2004-1114 — CVSS 9.3 (critical): Buffer overflow in the handling of command line arguments in Skype 1.0.x.94 through 1.0.x.98 allows remote attackers to execute arbitrary…
CVE-2005-3265 — CVSS 9.3 (critical): Buffer overflow in Skype for Windows 1.1.x.0 through 1.4.x.83 allows remote attackers to execute arbitrary code via (1) callto:// and (2)…
CVE-2008-0454 — CVSS 9.3 (critical): Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.6.0.244, and earlier 3.5.x and 3.6.x versions, on…
CVE-2008-1805 — CVSS 9.3 (critical): Incomplete blacklist vulnerability in Skype 3.6.0.248, and other versions before 3.8.0.139, allows user-assisted remote attackers to bypass…
CVE-2008-2545 — CVSS 9.3 (critical): Skype 3.6.0.248, and other versions before 3.8.0.139, uses a case-sensitive comparison when checking for dangerous extensions, which allows…
CVE-2006-5084 — CVSS 7.5 (high): Format string vulnerability in the NSRunAlertPanel function in eBay Skype for Mac 1.5.*.79 and earlier allows remote attackers to cause a…
CVE-2007-5989 — CVSS 6.8 (medium): Unspecified vulnerability in the skype4com URI handler in Skype before 3.6 GOLD allows remote attackers to execute arbitrary code via…
CVE-2004-1777 — CVSS 5.0 (medium): A "range check error" in Skype for Windows before 0.98.0.28 allows local and remote attackers to cause a denial of service (application…
CVE-2007-4429 — CVSS 5.0 (medium): Unspecified vulnerability in Skype allows remote attackers to cause a denial of service (server hang) via unknown vectors related to…
CVE-2005-1407 — CVSS 4.6 (medium): Skype for Windows 1.2.0.0 to 1.2.0.46 allows local users to bypass the identity check for an authorized application, then call arbitrary…
CVE-2008-0582 — CVSS 4.3 (medium): Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.1 through 3.6.0.244 on Windows allows remote attackers…
CVE-2008-0583 — CVSS 4.3 (medium): Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.6.0.244, and earlier 3.5.x and 3.6.x versions, on…
CVE-2005-2300 — CVSS 2.1 (low): Skype 1.1.0.20 and earlier allows local users to overwrite arbitrary files via a symlink attack on the skype_profile.jpg temporary file.