Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yahoo vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-2645
The Yahoo! Japan Yahoo! Browser application 1.2.0 and previous versions for Android does not properly implement the WebView class, which allows remote malicious users to obtain sensitive information via a crafted application.
Yahoo Yahoo\\! Browser
NA
CVE-2008-2111
The ActiveX Control (yNotifier.dll) in Yahoo! Assistant 3.6 and previous versions allows remote malicious users to execute arbitrary code via unspecified vectors in the Ynoifier COM object that trigger memory corruption.
Yahoo Yahoo Assistant
1 EDB exploit
NA
CVE-2014-4603
Multiple cross-site scripting (XSS) vulnerabilities in yupdates_application.php in the Yahoo! Updates for WordPress plugin 1.0 and previous versions for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) secret, (2) key, or (3) appid paramet...
Yahoo\\! Updates For Wordpress Plugin Project Yahoo\\! Updates For Wordpress Plugin
NA
CVE-2014-5881
The Yahoo! Japan Box (aka jp.co.yahoo.android.ybox) application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Yahoo Yahoo Ybox 1.5.1
NA
CVE-2013-6853
Cross-site scripting (XSS) vulnerability in clickstream.js in Y! Toolbar plugin for FireFox 3.1.0.20130813024103 for Mac, and 2.5.9.2013418100420 for Windows, allows remote malicious users to inject arbitrary web script or HTML via a crafted URL that is stored by the victim.
Yahoo Toolbar 3.1.0.20130813024103
Yahoo Toolbar 2.5.9.2013418100420
NA
CVE-2006-3298
Yahoo! Messenger 7.5.0.814 and 7.0.438 allows remote malicious users to cause a denial of service (crash) via messages that contain non-ASCII characters, which triggers the crash in jscript.dll.
Yahoo Messenger 7.0.438
Yahoo Messenger 7.5.0.814
1 EDB exploit
NA
CVE-2010-4209
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.8.0 up to and including 2.8.1, as used in Bugzilla 3.7.1 up to and including 3.7.3 and 4.1, allows remote malicious users to inject arbitrary web script or HTML via vectors related to swfstore...
Yahoo Yui 2.8.1
Yahoo Yui 2.8.0
NA
CVE-2007-4635
Yahoo! Messenger 8.1.0.209 and 8.1.0.402 allows remote malicious users to cause a denial of service (application crash) via certain file-transfer packets, possibly involving a buffer overflow, as demonstrated by ym8bug.exe. NOTE: this might be related to CVE-2007-4515. NOTE: the ...
Yahoo Messenger 8.1.0.209
Yahoo Messenger 8.1.0.402
1 EDB exploit
NA
CVE-2013-4940
Cross-site scripting (XSS) vulnerability in io.swf in the IO Utility component in Yahoo! YUI 3.10.2, as used in Moodle up to and including 2.1.10, 2.2.x prior to 2.2.11, 2.3.x prior to 2.3.8, 2.4.x prior to 2.4.5, 2.5.x prior to 2.5.1, and other products, allows remote malicious ...
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Yahoo Yui 3.1.2
Yahoo Yui 3.3.0
Yahoo Yui 3.6.0
Yahoo Yui 3.7.1
Yahoo Yui 3.10.0
Yahoo Yui 3.10.2
Moodle Moodle 2.2.0
Moodle Moodle 2.2.7
Moodle Moodle 2.4.4
Moodle Moodle 2.4.2
Moodle Moodle 2.3.5
Moodle Moodle 2.3.3
Moodle Moodle 2.3.4
Moodle Moodle 2.1.10
Moodle Moodle 2.1.5
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.1.6
Yahoo Yui 3.4.0
Yahoo Yui 3.4.1
NA
CVE-2013-4939
Cross-site scripting (XSS) vulnerability in io.swf in the IO Utility component in Yahoo! YUI 3.0.0 up to and including 3.9.1, as used in Moodle up to and including 2.1.10, 2.2.x prior to 2.2.11, 2.3.x prior to 2.3.8, 2.4.x prior to 2.4.5, 2.5.x prior to 2.5.1, and other products,...
Yahoo Yui 3.8.0
Moodle Moodle 2.3.4
Yahoo Yui 3.5.0
Moodle Moodle 2.2.2
Yahoo Yui 3.8.1
Yahoo Yui 3.6.0
Yahoo Yui 3.1.0
Moodle Moodle 2.3.1
Moodle Moodle 2.4.3
Moodle Moodle 2.4.1
Yahoo Yui 3.7.0
Moodle Moodle 2.2.9
Moodle Moodle 2.1.2
Moodle Moodle 2.4.2
Moodle Moodle 2.2.6
Yahoo Yui 3.10.0
Yahoo Yui 3.2.0
Yahoo Yui 3.7.2
Moodle Moodle 2.3.6
Yahoo Yui 3.9.0
Moodle Moodle 2.1.10
Moodle Moodle 2.1.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »