Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yahoo vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-5882
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.5.0 up to and including 2.9.0 allows remote malicious users to inject arbitrary web script or HTML via vectors related to uploader.swf, a similar issue to CVE-2010-4208.
Yahoo Yui 2.7.0
Yahoo Yui 2.8.0
Yahoo Yui 2.5.2
Yahoo Yui 2.6.0
Yahoo Yui 2.9.0
Yahoo Yui 2.4.0
Yahoo Yui 2.4.1
Yahoo Yui 2.8.1
Yahoo Yui 2.5.0
Yahoo Yui 2.5.1
Yahoo Yui 2.8.2
NA
CVE-2012-5883
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.8.0 up to and including 2.9.0, as used in Bugzilla 3.7.x and 4.0.x prior to 4.0.9, 4.1.x and 4.2.x prior to 4.2.4, and 4.3.x and 4.4.x prior to 4.4rc1, allows remote malicious users to inject ...
Yahoo Yui 2.8.1
Mozilla Bugzilla 3.7.2
Mozilla Bugzilla 3.7
Mozilla Bugzilla 4.0.4
Mozilla Bugzilla 4.0.5
Mozilla Bugzilla 4.2.1
Mozilla Bugzilla 4.2.2
Mozilla Bugzilla 4.3.2
Mozilla Bugzilla 4.3.3
Yahoo Yui 2.8.0
Mozilla Bugzilla 3.7.3
Mozilla Bugzilla 3.7.1
Mozilla Bugzilla 4.0
Mozilla Bugzilla 4.0.8
Mozilla Bugzilla 4.0.7
Mozilla Bugzilla 4.1
Mozilla Bugzilla 4.1.3
Mozilla Bugzilla 4.3
Mozilla Bugzilla 4.3.1
Yahoo Yui 2.8.2
Yahoo Yui 2.9.0
Mozilla Bugzilla 4.0.2
NA
CVE-2012-2647
Yahoo! Toolbar 1.0.0.5 and previous versions for Chrome and Safari allows remote malicious users to modify the configured search URL, and intercept search terms, via a crafted web page.
Yahoo Toolbar
NA
CVE-2012-2645
The Yahoo! Japan Yahoo! Browser application 1.2.0 and previous versions for Android does not properly implement the WebView class, which allows remote malicious users to obtain sensitive information via a crafted application.
Yahoo Yahoo\\! Browser
NA
CVE-2011-4279
Moodle 2.0.x prior to 2.0.2 does not use the forceloginforprofiles setting for course-profiles access control, which makes it easier for remote malicious users to obtain potentially sensitive information via vectors involving use of a search engine, as demonstrated by the search ...
Moodle Moodle 2.0.1
Moodle Moodle 2.0.0
NA
CVE-2012-0268
Integer overflow in the CYImage::LoadJPG method in YImage.dll in Yahoo! Messenger prior to 11.5.0.155, when photo sharing is enabled, might allow remote malicious users to execute arbitrary code via a crafted JPG image that triggers a heap-based buffer overflow.
Yahoo Messenger 7.0
Yahoo Messenger 5.6.0.1358
Yahoo Messenger 7.5.0.814
Yahoo Messenger 5.6.0.1356
Yahoo Messenger 8.1.0.239
Yahoo Messenger 5.0.1065
Yahoo Messenger 5.5.1249
Yahoo Messenger 8.1.0.413
Yahoo Messenger 10.0.0.1241
Yahoo Messenger 10.0.0.1102
Yahoo Messenger 10.0.0.542
Yahoo Messenger 10.0.0.525
Yahoo Messenger 9.0.0.922
Yahoo Messenger 9.0.0.907
Yahoo Messenger 9.0.0.797
Yahoo Messenger 8.1.0.419
Yahoo Messenger 3.0
Yahoo Messenger 1.0
Yahoo Messenger
Yahoo Messenger 3.0.1
Yahoo Messenger 2.0.1.4
Yahoo Messenger 8.1.0.402
NA
CVE-2011-3594
The g_markup_escape_text function in the SILC protocol plug-in in libpurple 2.10.0 and previous versions, as used in Pidgin and possibly other products, allows remote malicious users to cause a denial of service (crash) via invalid UTF-8 sequences that trigger use of invalid poin...
Pidgin Libpurple 2.7.11
Pidgin Libpurple 2.7.10
Pidgin Libpurple 2.7.2
Pidgin Libpurple 2.7.1
Pidgin Libpurple 2.6.1
Pidgin Libpurple 2.6.0
Pidgin Libpurple 2.5.3
Pidgin Libpurple 2.5.2
Pidgin Libpurple 2.3.0
Pidgin Libpurple 2.2.2
Pidgin Libpurple 2.0.0
Pidgin Libpurple 1.0
Pidgin Libpurple
Pidgin Libpurple 2.7.7
Pidgin Libpurple 2.7.6
Pidgin Libpurple 2.6.5
Pidgin Libpurple 2.6.4
Pidgin Libpurple 2.5.7
Pidgin Libpurple 2.5.6
Pidgin Libpurple 2.4.3
Pidgin Libpurple 2.4.2
Pidgin Libpurple 2.1.1
NA
CVE-2011-3184
The msn_httpconn_parse_data function in httpconn.c in the MSN protocol plugin in libpurple in Pidgin prior to 2.10.0 does not properly handle HTTP 100 responses, which allows remote malicious users to cause a denial of service (incorrect memory access and application crash) via v...
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.6.1
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.7.2
Pidgin Pidgin 2.7.1
Pidgin Pidgin 2.7.0
Pidgin Pidgin 2.1.1
Pidgin Pidgin 2.0.2
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.3.0
Pidgin Pidgin 2.4.0
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.6.5
Pidgin Pidgin 2.6.6
Pidgin Pidgin 2.7.7
Pidgin Pidgin 2.7.9
Pidgin Pidgin
NA
CVE-2011-1091
libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 up to and including 2.7.10 allows (1) remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG notification packet, and allows (2) remote Yaho...
Pidgin Pidgin 2.7.9
Pidgin Pidgin 2.7.5
Pidgin Pidgin 2.7.0
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.7.10
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.6.5
Pidgin Pidgin 2.6.6
Pidgin Pidgin 2.6.2
Pidgin Pidgin 2.7.8
Pidgin Pidgin 2.7.7
Pidgin Pidgin 2.6.1
Pidgin Pidgin 2.6.4
Pidgin Pidgin 2.7.2
Pidgin Pidgin 2.7.1
NA
CVE-2010-4710
Cross-site scripting (XSS) vulnerability in the addItem method in the Menu widget in YUI prior to 2.9.0 allows remote malicious users to inject arbitrary web script or HTML via a field that is added to a menu, related to documentation that specifies this field as a text field rat...
Yahoo Yui 2.4.0
Yahoo Yui 2.4.1
Yahoo Yui 2.5.2
Yahoo Yui 2.8.0
Yahoo Yui 2.2.0
Yahoo Yui 2.2.2
Yahoo Yui 2.5.0
Yahoo Yui 2.6.0
Yahoo Yui 2.3.0
Yahoo Yui 2.3.1
Yahoo Yui 2.7.0
Yahoo Yui 2.8.1
Yahoo Yui 2.5.1
Yahoo Yui
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »