Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yahoo vulnerabilities and exploits
(subscribe to this query)
945
VMScore
CVE-2007-3147
Buffer overflow in the Yahoo! Webcam Upload ActiveX control in ywcupl.dll 2.0.1.4 for Yahoo! Messenger 8.1.0.249 allows remote malicious users to execute arbitrary code via a long server property value to the send method. NOTE: some of these details are obtained from third party ...
Yahoo Messenger 8.1.0.249
Yahoo Messenger 8.0.1
Yahoo Messenger 8.0 2005.1.1.4
Yahoo Messenger 2.0.1.4
Yahoo Messenger 8.0
Yahoo Messenger 8.0.0.863
3 EDB exploits
940
VMScore
CVE-2007-4515
Buffer overflow in a certain ActiveX control in YVerInfo.dll prior to 2007.8.27.1 in the Yahoo! services suite for Yahoo! Messenger prior to 8.1.0.419 allows remote malicious users to execute arbitrary code via unspecified vectors involving arguments to the (1) fvCom and (2) info...
Yahoo Messenger
2 EDB exploits
940
VMScore
CVE-2007-4391
Heap-based buffer overflow in Kakadu kdu_v32m.dll in Yahoo! Messenger 8.1.0.413 allows remote malicious users to cause a denial of service (application crash) via a certain length field in JPEG2000 data, as demonstrated by sending an "invite to view my webcam" request, ...
Yahoo Messenger 8.1.0.413
2 EDB exploits
940
VMScore
CVE-2007-3148
Buffer overflow in the Yahoo! Webcam Viewer ActiveX control in ywcvwr.dll 2.0.1.4 for Yahoo! Messenger 8.1.0.249 allows remote malicious users to execute arbitrary code via a long server property value to the receive method.
Yahoo Messenger 8.0 2005.1.1.4
Yahoo Messenger 8.1.0.249
Yahoo Messenger 2.0.1.4
Yahoo Messenger 8.0
Yahoo Messenger 8.0.0.863
Yahoo Messenger 8.0.1
2 EDB exploits
935
VMScore
CVE-2008-2111
The ActiveX Control (yNotifier.dll) in Yahoo! Assistant 3.6 and previous versions allows remote malicious users to execute arbitrary code via unspecified vectors in the Ynoifier COM object that trigger memory corruption.
Yahoo Yahoo Assistant
1 EDB exploit
935
VMScore
CVE-2007-4034
Stack-based buffer overflow in the YDPCTL.YDPControl.1 (aka Yahoo! Installer Plugin for Widgets) ActiveX control prior to 2007.7.13.3 (20070620) in YDPCTL.dll in Yahoo! Widgets prior to 4.0.5 allows remote malicious users to execute arbitrary code via a long argument to the GetCo...
Yahoo Widgets
1 EDB exploit
890
VMScore
CVE-2015-4474
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 40.0 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Mozilla Firefox
890
VMScore
CVE-2015-4477
Use-after-free vulnerability in the MediaStream playback feature in Mozilla Firefox prior to 40.0 allows remote malicious users to execute arbitrary code via unspecified use of the Web Audio API.
Opensuse Opensuse 13.2
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Opensuse Opensuse 13.1
Mozilla Firefox
890
VMScore
CVE-2015-4486
The decrease_ref_count function in libvpx in Mozilla Firefox prior to 40.0 and Firefox ESR 38.x prior to 38.2 allows remote malicious users to execute arbitrary code or cause a denial of service (out-of-bounds read) via malformed WebM video data.
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Canonical Ubuntu Linux 12.04
Mozilla Firefox Esr 38.0
Mozilla Firefox Esr 38.0.1
Mozilla Firefox
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.1.0
Oracle Solaris 11.3
829
VMScore
CVE-2014-7216
Multiple stack-based buffer overflows in Yahoo! Messenger 11.5.0.228 and previous versions allow remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via the (1) shortcut or (2) title keys in an emoticons.xml file.
Yahoo Messenger
1 Article
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »