Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yahoo vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-28895
'Yahoo! JAPAN' App for Android v2.3.1 to v3.161.1 and 'Yahoo! JAPAN' App for iOS v3.2.2 to v4.109.0 contain a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the WebView of 'Yahoo! JAPAN'...
4
CVSSv2
CVE-2011-1091
libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 up to and including 2.7.10 allows (1) remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG notification packet, and allows (2) remote Yaho...
Pidgin Pidgin 2.7.9
Pidgin Pidgin 2.7.5
Pidgin Pidgin 2.7.0
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.7.10
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.6.5
Pidgin Pidgin 2.6.6
Pidgin Pidgin 2.6.2
Pidgin Pidgin 2.7.8
Pidgin Pidgin 2.7.7
Pidgin Pidgin 2.6.1
Pidgin Pidgin 2.6.4
Pidgin Pidgin 2.7.2
Pidgin Pidgin 2.7.1
4.3
CVSSv2
CVE-2018-17061
BullGuard Safe Browsing prior to 18.1.355.9 allows XSS on Google, Bing, and Yahoo! pages via domains indexed in search results.
Bullguard Safe Browsing
4.3
CVSSv2
CVE-2009-3025
Unspecified vulnerability in Pidgin 2.6.0 allows remote malicious users to cause a denial of service (crash) via a link in a Yahoo IM.
Pidgin Pidgin 2.6.0
4.3
CVSSv2
CVE-2012-3414
Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and previous versions, as used in WordPress prior to 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote malicious users to inject arbitrary web script or HTML via the movieName paramet...
Wordpress Wordpress 3.0.1
Wordpress Wordpress 3.0.2
Wordpress Wordpress 3.1.2
Wordpress Wordpress 3.1.3
Swfupload Project Swfupload 1.0.2
Swfupload Project Swfupload 2.0.2
Wordpress Wordpress 3.0.3
Wordpress Wordpress 3.0.4
Wordpress Wordpress 3.1.4
Wordpress Wordpress 3.2
Swfupload Project Swfupload 2.1.0
Wordpress Wordpress 3.0.5
Wordpress Wordpress 3.0.6
Wordpress Wordpress 3.2.1
Wordpress Wordpress 3.3
Swfupload Project Swfupload 2.2.0
Swfupload Project Swfupload
Wordpress Wordpress -
Wordpress Wordpress 3.0
Wordpress Wordpress 3.1
Wordpress Wordpress 3.1.1
Wordpress Wordpress
1 EDB exploit
2 Github repositories
1 Article
9.3
CVSSv2
CVE-2007-5542
Stack-based buffer overflow in Miranda IM 0.6.8 allows remote malicious users to execute arbitrary code via a crafted Yahoo! Messenger packet. NOTE: this might overlap CVE-2007-5590.
Miranda-im Miranda Im 0.6.8
9.3
CVSSv2
CVE-2007-5543
Stack-based buffer overflow in Miranda IM 0.6.8 and 0.7.0 allows remote malicious users to execute arbitrary code via a crafted Yahoo! Messenger packet. NOTE: this might overlap CVE-2007-5590.
Miranda-im Miranda Im 0.6.8
Miranda-im Miranda Im 0.7.0
7.5
CVSSv2
CVE-2004-2370
Stack-based buffer overflow in Trillian 0.71 up to and including 0.74f and Trillian Pro 1.0 up to and including 2.01 allows remote malicious users to execute arbitrary code via a Yahoo Messenger packet with a long key name.
Cerulean Studios Trillian 0.74c
Cerulean Studios Trillian 0.74d
Cerulean Studios Trillian 0.74
Cerulean Studios Trillian 0.74b
Cerulean Studios Trillian Pro 2.0
Cerulean Studios Trillian Pro 2.01
Cerulean Studios Trillian 0.71
Cerulean Studios Trillian 0.725
Cerulean Studios Trillian 0.73
Cerulean Studios Trillian 0.74g
Cerulean Studios Trillian Pro 1.0
Cerulean Studios Trillian 0.74e
Cerulean Studios Trillian 0.74f
7.8
CVSSv2
CVE-2007-3219
Unspecified vulnerability in sources/action_public/xmlout.php in Invision Power Board (IPB or IP.Board) 2.2.0 up to and including 2.2.2 allows remote malicious users to modify another user's profile data, such as an AIM screen name or Yahoo! identity.
Invision Power Services Invision Power Board 2.2
Invision Power Services Invision Power Board 2.2.1
Invision Power Services Invision Power Board 2.2.2
4.3
CVSSv2
CVE-2006-1272
Multiple cross-site scripting (XSS) vulnerabilities in member.php in MyBulletin Board (MyBB) 1.0.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) aim, (2) yahoo, (3) msn, or (4) website field.
Mybulletinboard Mybulletinboard 1.0.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »