Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yahoo vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2011-4279
Moodle 2.0.x prior to 2.0.2 does not use the forceloginforprofiles setting for course-profiles access control, which makes it easier for remote malicious users to obtain potentially sensitive information via vectors involving use of a search engine, as demonstrated by the search ...
Moodle Moodle 2.0.1
Moodle Moodle 2.0.0
3.5
CVSSv2
CVE-2009-4567
Multiple cross-site scripting (XSS) vulnerabilities in editprofile.php in Viscacha 0.8 Gold allow remote authenticated users to inject arbitrary web script or HTML via the (1) skype, (2) yahoo, (3) aol, (4) msn, or (5) jabber parameter in a profile2 action. NOTE: some of these de...
Viscacha Viscacha 0.8
1 EDB exploit
4.3
CVSSv2
CVE-2010-4402
Multiple cross-site scripting (XSS) vulnerabilities in wp-login.php in the Register Plus plugin 3.5.1 and previous versions for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) firstname, (2) lastname, (3) website, (4) aim, (5) yahoo, (6) ...
Devbits Register-plus 3.4.1
Devbits Register-plus 3.4
Devbits Register-plus 2.8
Devbits Register-plus 2.7
Devbits Register-plus 2.0
Devbits Register-plus 1.2
Devbits Register-plus
Devbits Register-plus 3.5
Devbits Register-plus 3.0.1
Devbits Register-plus 3.0
Devbits Register-plus 2.9
Devbits Register-plus 2.2
Devbits Register-plus 2.1
Devbits Register-plus 3.3
Devbits Register-plus 3.2
Devbits Register-plus 2.6
Devbits Register-plus 2.5
Devbits Register-plus 1.1
Devbits Register-plus 3.1
Devbits Register-plus 3.0.2
Devbits Register-plus 2.4
Devbits Register-plus 2.3
7.5
CVSSv2
CVE-2005-0651
Multiple SQL injection vulnerabilities in ProjectBB 0.4.5.1 allow remote malicious users to execute arbitrary SQL commands via (1) liste or (2) desc parameters to divers.php (incorrectly referred to as "drivers.php" by some sources), (3) the search feature text area, (4...
Projectbb Projectbb 0.4.5.1
4
CVSSv2
CVE-2010-3711
libpurple in Pidgin prior to 2.7.4 does not properly validate the return value of the purple_base64_decode function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a crafted message, related to the plugins...
Pidgin Pidgin 2.6.2
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.4.0
Pidgin Pidgin 2.4.1
Pidgin Pidgin 2.5.3
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.0.2
Pidgin Pidgin 2.4.3
Pidgin Pidgin 2.1.1
Pidgin Pidgin 2.6.6
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.3.1
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.6.4
Pidgin Pidgin 2.2.0
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.3.0
Pidgin Pidgin 2.2.2
4.3
CVSSv2
CVE-2011-3184
The msn_httpconn_parse_data function in httpconn.c in the MSN protocol plugin in libpurple in Pidgin prior to 2.10.0 does not properly handle HTTP 100 responses, which allows remote malicious users to cause a denial of service (incorrect memory access and application crash) via v...
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.6.1
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.7.2
Pidgin Pidgin 2.7.1
Pidgin Pidgin 2.7.0
Pidgin Pidgin 2.1.1
Pidgin Pidgin 2.0.2
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.3.0
Pidgin Pidgin 2.4.0
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.6.5
Pidgin Pidgin 2.6.6
Pidgin Pidgin 2.7.7
Pidgin Pidgin 2.7.9
Pidgin Pidgin
4.3
CVSSv2
CVE-2011-3594
The g_markup_escape_text function in the SILC protocol plug-in in libpurple 2.10.0 and previous versions, as used in Pidgin and possibly other products, allows remote malicious users to cause a denial of service (crash) via invalid UTF-8 sequences that trigger use of invalid poin...
Pidgin Libpurple 2.7.11
Pidgin Libpurple 2.7.10
Pidgin Libpurple 2.7.2
Pidgin Libpurple 2.7.1
Pidgin Libpurple 2.6.1
Pidgin Libpurple 2.6.0
Pidgin Libpurple 2.5.3
Pidgin Libpurple 2.5.2
Pidgin Libpurple 2.3.0
Pidgin Libpurple 2.2.2
Pidgin Libpurple 2.0.0
Pidgin Libpurple 1.0
Pidgin Libpurple
Pidgin Libpurple 2.7.7
Pidgin Libpurple 2.7.6
Pidgin Libpurple 2.6.5
Pidgin Libpurple 2.6.4
Pidgin Libpurple 2.5.7
Pidgin Libpurple 2.5.6
Pidgin Libpurple 2.4.3
Pidgin Libpurple 2.4.2
Pidgin Libpurple 2.1.1
7.5
CVSSv2
CVE-2004-0007
Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and previous versions, and Ultramagnetic prior to 0.81, allows remote malicious users to cause a denial of service and possibly execute arbitrary code.
Rob Flynn Gaim
Ultramagnetic Ultramagnetic
4.3
CVSSv2
CVE-2006-3539
Multiple cross-site scripting (XSS) vulnerabilities in DKScript.com Dragon's Kingdom Script 1.0 allow remote malicious users to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element in the (1) Subject and (2) Message fields in a do=w...
Dkscript Dragons Kingdom Script 1.0
5
CVSSv2
CVE-2005-0473
The HTML parsing functions in Gaim prior to 1.1.3 allow remote malicious users to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.
Rob Flynn Gaim 1.0
Rob Flynn Gaim 1.1.2
Rob Flynn Gaim 1.0.1
Rob Flynn Gaim 1.1.1
Mandrakesoft Mandrake Linux 10.1
Redhat Enterprise Linux 4.0
Mandrakesoft Mandrake Linux Corporate Server 3.0
Mandrakesoft Mandrake Linux 10.0
Redhat Enterprise Linux Desktop 4.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »