Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yahoo vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-0768
Multiple cross-site scripting (XSS) vulnerabilities in the Contact Details functionality in Yahoo! Messenger 8.1.0.209 and previous versions allow user-assisted remote malicious users to inject arbitrary web script or HTML via a javascript: URI in the SRC attribute of an IMG elem...
Yahoo Messenger
1 EDB exploit
NA
CVE-2012-2647
Yahoo! Toolbar 1.0.0.5 and previous versions for Chrome and Safari allows remote malicious users to modify the configured search URL, and intercept search terms, via a crafted web page.
Yahoo Toolbar
NA
CVE-2007-4515
Buffer overflow in a certain ActiveX control in YVerInfo.dll prior to 2007.8.27.1 in the Yahoo! services suite for Yahoo! Messenger prior to 8.1.0.419 allows remote malicious users to execute arbitrary code via unspecified vectors involving arguments to the (1) fvCom and (2) info...
Yahoo Messenger
2 EDB exploits
NA
CVE-2007-4034
Stack-based buffer overflow in the YDPCTL.YDPControl.1 (aka Yahoo! Installer Plugin for Widgets) ActiveX control prior to 2007.7.13.3 (20070620) in YDPCTL.dll in Yahoo! Widgets prior to 4.0.5 allows remote malicious users to execute arbitrary code via a long argument to the GetCo...
Yahoo Widgets
1 EDB exploit
NA
CVE-2002-0320
Buffer overflow in Yahoo! Messenger 5.0 allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a long (1) message or (2) IMvironment field.
Yahoo Messenger 5.0
NA
CVE-2008-5490
SQL injection vulnerability in index.php in PHPStore Yahoo Answers allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Phpstore Yahoo Answers
1 EDB exploit
NA
CVE-2006-5563
Unspecified vulnerability in Yahoo! Messenger (Service 18) prior to 8.1.0.195 allows remote malicious users to cause a denial of service (NULL dereference and application crash) via a crafted room name in a Conference Invite. NOTE: the provenance of this information is unknown; t...
Yahoo Messenger 8.0
NA
CVE-2007-6228
Stack-based buffer overflow in the Helper class in the yt.ythelper.2 ActiveX control in Yahoo! Toolbar 1.4.1 allows remote malicious users to cause a denial of service (browser crash) via a long argument to the c method.
Yahoo Toolbar 1.4.1
1 EDB exploit
NA
CVE-2009-4171
An ActiveX control in YahooBridgeLib.dll for Yahoo! Messenger 9.0.0.2162, and possibly other 9.0 versions, allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) by calling the RegisterMe method with a long argument.
Yahoo Messenger 9.0.0.2162
2 EDB exploits
NA
CVE-2007-2385
The Yahoo! UI framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote malicious users to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and capture...
Yahoo Ui Library
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »