Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yahoo vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2011-4279
Moodle 2.0.x prior to 2.0.2 does not use the forceloginforprofiles setting for course-profiles access control, which makes it easier for remote malicious users to obtain potentially sensitive information via vectors involving use of a search engine, as demonstrated by the search ...
Moodle Moodle 2.0.1
Moodle Moodle 2.0.0
3.5
CVSSv2
CVE-2009-4567
Multiple cross-site scripting (XSS) vulnerabilities in editprofile.php in Viscacha 0.8 Gold allow remote authenticated users to inject arbitrary web script or HTML via the (1) skype, (2) yahoo, (3) aol, (4) msn, or (5) jabber parameter in a profile2 action. NOTE: some of these de...
Viscacha Viscacha 0.8
1 EDB exploit
4.3
CVSSv2
CVE-2010-4402
Multiple cross-site scripting (XSS) vulnerabilities in wp-login.php in the Register Plus plugin 3.5.1 and previous versions for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) firstname, (2) lastname, (3) website, (4) aim, (5) yahoo, (6) ...
Devbits Register-plus
Devbits Register-plus 1.1
Devbits Register-plus 1.2
Devbits Register-plus 2.0
Devbits Register-plus 2.1
Devbits Register-plus 2.2
Devbits Register-plus 2.3
Devbits Register-plus 2.4
Devbits Register-plus 2.5
Devbits Register-plus 2.6
Devbits Register-plus 2.7
Devbits Register-plus 2.8
Devbits Register-plus 2.9
Devbits Register-plus 3.0
Devbits Register-plus 3.0.1
Devbits Register-plus 3.0.2
Devbits Register-plus 3.1
Devbits Register-plus 3.2
Devbits Register-plus 3.3
Devbits Register-plus 3.4
Devbits Register-plus 3.4.1
Devbits Register-plus 3.5
7.5
CVSSv2
CVE-2005-0651
Multiple SQL injection vulnerabilities in ProjectBB 0.4.5.1 allow remote malicious users to execute arbitrary SQL commands via (1) liste or (2) desc parameters to divers.php (incorrectly referred to as "drivers.php" by some sources), (3) the search feature text area, (4...
Projectbb Projectbb 0.4.5.1
4.3
CVSSv2
CVE-2011-3184
The msn_httpconn_parse_data function in httpconn.c in the MSN protocol plugin in libpurple in Pidgin prior to 2.10.0 does not properly handle HTTP 100 responses, which allows remote malicious users to cause a denial of service (incorrect memory access and application crash) via v...
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.5.8
Pidgin Pidgin 2.7.9
Pidgin Pidgin 2.7.5
Pidgin Pidgin 2.7.0
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.7.11
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.7.10
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.5.5
Pidgin Pidgin 2.6.5
Pidgin Pidgin 2.2.2
4
CVSSv2
CVE-2010-3711
libpurple in Pidgin prior to 2.7.4 does not properly validate the return value of the purple_base64_decode function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a crafted message, related to the plugins...
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.5.8
Pidgin Pidgin
Pidgin Pidgin 2.7.0
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.5.5
Pidgin Pidgin 2.6.5
Pidgin Pidgin 2.2.2
Pidgin Pidgin 2.1.1
Pidgin Pidgin 2.3.1
Pidgin Pidgin 2.4.3
Pidgin Pidgin 2.6.6
Pidgin Pidgin 2.0.0
Pidgin Pidgin 2.0.2
4.3
CVSSv2
CVE-2011-3594
The g_markup_escape_text function in the SILC protocol plug-in in libpurple 2.10.0 and previous versions, as used in Pidgin and possibly other products, allows remote malicious users to cause a denial of service (crash) via invalid UTF-8 sequences that trigger use of invalid poin...
Pidgin Libpurple
Pidgin Libpurple 2.7.10
Pidgin Libpurple 2.0.0
Pidgin Libpurple 2.1.0
Pidgin Libpurple 2.7.0
Pidgin Libpurple 2.2.0
Pidgin Libpurple 2.4.2
Pidgin Libpurple 2.3.1
Pidgin Libpurple 2.5.7
Pidgin Libpurple 2.2.2
Pidgin Libpurple 2.6.5
Pidgin Libpurple 2.5.5
Pidgin Libpurple 2.5.2
Pidgin Libpurple 2.4.3
Pidgin Libpurple 2.2.1
Pidgin Libpurple 2.9.0
Pidgin Libpurple 2.7.11
Pidgin Libpurple 2.5.0
Pidgin Libpurple 2.5.4
Pidgin Libpurple 1.0
Pidgin Libpurple 2.7.9
Pidgin Libpurple 2.4.0
7.5
CVSSv2
CVE-2004-0007
Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and previous versions, and Ultramagnetic prior to 0.81, allows remote malicious users to cause a denial of service and possibly execute arbitrary code.
Rob Flynn Gaim
Ultramagnetic Ultramagnetic
5
CVSSv2
CVE-2005-0208
The HTML parsing functions in Gaim prior to 1.1.4 allow remote malicious users to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0473.
Rob Flynn Gaim 1.1.2
Rob Flynn Gaim 1.1.0
Rob Flynn Gaim 1.1.3
Rob Flynn Gaim 1.1.1
5
CVSSv2
CVE-2005-0473
The HTML parsing functions in Gaim prior to 1.1.3 allow remote malicious users to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.
Rob Flynn Gaim 1.1.2
Rob Flynn Gaim 1.0
Rob Flynn Gaim 1.0.1
Rob Flynn Gaim 1.1.1
Redhat Enterprise Linux 4.0
Mandrakesoft Mandrake Linux 10.1
Mandrakesoft Mandrake Linux Corporate Server 3.0
Mandrakesoft Mandrake Linux 10.0
Redhat Enterprise Linux Desktop 4.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30065
CVE-2024-5843
CVE-2024-30080
code execution
CVE-2024-4577
CVE-2024-26169
wireless
remote code execution
CVE-2024-36103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »