Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yahoo vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-28895
'Yahoo! JAPAN' App for Android v2.3.1 to v3.161.1 and 'Yahoo! JAPAN' App for iOS v3.2.2 to v4.109.0 contain a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the WebView of 'Yahoo! JAPAN'...
NA
CVE-2011-1091
libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 up to and including 2.7.10 allows (1) remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG notification packet, and allows (2) remote Yaho...
Pidgin Pidgin 2.7.9
Pidgin Pidgin 2.7.5
Pidgin Pidgin 2.7.0
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.7.10
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.6.5
Pidgin Pidgin 2.6.6
Pidgin Pidgin 2.6.2
Pidgin Pidgin 2.7.8
Pidgin Pidgin 2.7.7
Pidgin Pidgin 2.6.1
Pidgin Pidgin 2.6.4
Pidgin Pidgin 2.7.2
Pidgin Pidgin 2.7.1
6.1
CVSSv3
CVE-2018-17061
BullGuard Safe Browsing prior to 18.1.355.9 allows XSS on Google, Bing, and Yahoo! pages via domains indexed in search results.
Bullguard Safe Browsing
NA
CVE-2012-3414
Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and previous versions, as used in WordPress prior to 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote malicious users to inject arbitrary web script or HTML via the movieName paramet...
Wordpress Wordpress 3.0.1
Wordpress Wordpress 3.0.2
Wordpress Wordpress 3.1.2
Wordpress Wordpress 3.1.3
Swfupload Project Swfupload 1.0.2
Swfupload Project Swfupload 2.0.2
Wordpress Wordpress 3.0.3
Wordpress Wordpress 3.0.4
Wordpress Wordpress 3.1.4
Wordpress Wordpress 3.2
Swfupload Project Swfupload 2.1.0
Wordpress Wordpress 3.0.5
Wordpress Wordpress 3.0.6
Wordpress Wordpress 3.2.1
Wordpress Wordpress 3.3
Swfupload Project Swfupload 2.2.0
Swfupload Project Swfupload
Wordpress Wordpress -
Wordpress Wordpress 3.0
Wordpress Wordpress 3.1
Wordpress Wordpress 3.1.1
Wordpress Wordpress
1 EDB exploit
2 Github repositories
1 Article
NA
CVE-2009-3025
Unspecified vulnerability in Pidgin 2.6.0 allows remote malicious users to cause a denial of service (crash) via a link in a Yahoo IM.
Pidgin Pidgin 2.6.0
NA
CVE-2007-5542
Stack-based buffer overflow in Miranda IM 0.6.8 allows remote malicious users to execute arbitrary code via a crafted Yahoo! Messenger packet. NOTE: this might overlap CVE-2007-5590.
Miranda-im Miranda Im 0.6.8
NA
CVE-2007-5543
Stack-based buffer overflow in Miranda IM 0.6.8 and 0.7.0 allows remote malicious users to execute arbitrary code via a crafted Yahoo! Messenger packet. NOTE: this might overlap CVE-2007-5590.
Miranda-im Miranda Im 0.6.8
Miranda-im Miranda Im 0.7.0
NA
CVE-2004-2370
Stack-based buffer overflow in Trillian 0.71 up to and including 0.74f and Trillian Pro 1.0 up to and including 2.01 allows remote malicious users to execute arbitrary code via a Yahoo Messenger packet with a long key name.
Cerulean Studios Trillian 0.74c
Cerulean Studios Trillian 0.74d
Cerulean Studios Trillian 0.74
Cerulean Studios Trillian 0.74b
Cerulean Studios Trillian Pro 2.0
Cerulean Studios Trillian Pro 2.01
Cerulean Studios Trillian 0.71
Cerulean Studios Trillian 0.725
Cerulean Studios Trillian 0.73
Cerulean Studios Trillian 0.74g
Cerulean Studios Trillian Pro 1.0
Cerulean Studios Trillian 0.74e
Cerulean Studios Trillian 0.74f
NA
CVE-2007-3219
Unspecified vulnerability in sources/action_public/xmlout.php in Invision Power Board (IPB or IP.Board) 2.2.0 up to and including 2.2.2 allows remote malicious users to modify another user's profile data, such as an AIM screen name or Yahoo! identity.
Invision Power Services Invision Power Board 2.2
Invision Power Services Invision Power Board 2.2.1
Invision Power Services Invision Power Board 2.2.2
NA
CVE-2013-7288
Cross-site scripting (XSS) vulnerability in the mycode_parse_video function in inc/class_parser.php in MyBB (aka MyBulletinBoard) prior to 1.6.12 allows remote malicious users to inject arbitrary web script or HTML via vectors related to Yahoo video URLs.
Mybb Mybb 1.6.6
Mybb Mybb 1.6.5
Mybb Mybb 1.6.4
Mybb Mybb 1.6.3
Mybb Mybb 1.6.2
Mybb Mybb 1.4.16
Mybb Mybb 1.4.15
Mybb Mybb 1.4.14
Mybb Mybb 1.4.13
Mybb Mybb 1.2.2
Mybb Mybb 1.2.14
Mybb Mybb 1.2.13
Mybb Mybb 1.2.12
Mybb Mybb 1.1.0
Mybb Mybb 1.04
Mybb Mybb 1.03
Mybb Mybb 1.02
Mybb Mybb 1.6.10
Mybb Mybb 1.6.7
Mybb Mybb 1.6.0
Mybb Mybb 1.5.1
Mybb Mybb 1.4.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »