EUVD-2004-1771

Malware in sbrugna...

EUVD-2008-0593

Malware in sbrugna...

EUVD-2010-3136

Malware in sbrugna...

EUVD-2011-2068

Malware in sbrugna...

EUVD-2024-19120

Malicious code in bioql PyPI...

CVE-2020-24003

Microsoft Skype through 8.59.0.77 on macOS has the disable-library-validation entitlement, which allows a local process with the user's privileges to obtain unprompted microphone and camera access by loading a crafted library and thereby inheriting Skype Client's microphone and camera access...

CVE-2017-6517

Microsoft Skype 7.16.0.102 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. This vulnerability exists due to the way .dll files are loaded by Skype. It allows an attacker to load a .dll of the attacker's choosing that...

Skype zero day HTML/(Javascript) code injection

Skype zero day HTML/Javascript code injection Noptri Public Security Advisory has publised a working skype zero day vulnerability with POC for skype. Skype users need be aware of this vulnerability. Affected Software: Software: Skype INJECTION HERE + Office Phone Number: INJECTION HERE + Mobile...

Design/Logic Flaw

Incomplete blacklist vulnerability in Skype 3.6.0.248, and other versions before 3.8.0.139, allows user-assisted remote attackers to bypass warning dialogs and possibly execute arbitrary code via a file: URI that ends in an executable extension that is not covered by the blacklist...

Cross site scripting

Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.6.0.244, and earlier 3.5.x and 3.6.x versions, on Windows allows user-assisted remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via the Title field of a 1 Dailymotion and possibly 2...

Skype DoS

Skype and Internet Explorer uri handler mechanism memory resources consumption bug: script for var x = 1; x = 666; x++ popupwindow = window.open'skype:happynegro?call'; popupwindow.close ; /script This will invoke many skype.exe processes and as they are not closed - much memory will be...

Skype Technologies Skype 0.921.01.1 - Insecure Temporary File Creation

Skype Technologies Skype 0.921.01.1 - Insecure Temporary File Creation source: https://www.securityfocus.com/bid/14293/info Skype is affected by an insecure temporary file creation vulnerability. Exploitation would most likely result in loss of data or a denial of service if critical files are...

CVE-2004-1114

Buffer overflow in the handling of command line arguments in Skype 1.0.x.94 through 1.0.x.98 allows remote attackers to execute arbitrary code via a callto:// URL with a long non-existent username, a different vulnerability than CVE-2004-1777...

CVE-2004-1777

A "range check error" in Skype for Windows before 0.98.0.28 allows local and remote attackers to cause a denial of service application crash via long command line arguments or a long callto:// URL, a different vulnerability than CVE-2004-1114...

CVE-2004-1778

Skype 0.92.0.12 and 1.0.0.1 for Linux, and possibly other versions, creates the /usr/share/skype/lang directory with world-writable permissions, which allows local users to modify language files and possibly conduct social engineering or other attacks...

Skype < 1.0.0.100 CallTo URI Buffer Remote Overflow

Binary data 2405.prm...

[SA13191] Skype &quot;callto:&quot; URI Handler Buffer Overflow Vulnerability

TITLE: Skype "callto:" URI Handler Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA13191 VERIFY ADVISORY: http://secunia.com/advisories/13191/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: Skype for Windows 1.x http://secunia.com/product/4250/ DESCRIPTION: A...

Skype buffer overflow

Buffer overflow on callto: URL...