Filtered by vendor Yahoo
Subscribe
Total
66 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-2361 | 1 Yahoo | 1 Messenger | 2025-04-03 | 5.8 MEDIUM | N/A |
| The installer in Yahoo! Messenger 4.0, 5.0 and 5.5 does not verify package signatures which could allow remote attackers to install trojan programs via DNS spoofing. | |||||
| CVE-2002-0032 | 1 Yahoo | 1 Messenger | 2025-04-03 | 7.5 HIGH | N/A |
| Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary script as other users via the addview parameter of a ymsgr URI. | |||||
| CVE-2002-1664 | 1 Yahoo | 1 Messenger | 2025-04-03 | 6.4 MEDIUM | N/A |
| Yahoo! Messenger before February 2002 allows remote attackers to add arbitrary users to another user's buddy list and possibly obtain sensitive information. | |||||
| CVE-2005-0242 | 1 Yahoo | 1 Messenger | 2025-04-03 | 4.6 MEDIUM | N/A |
| The Audio Setup Wizard (asw.dll) in Yahoo! Messenger 6.0.0.1750, and possibly other versions, allows attackers to arbitrary code by placing a malicious ping.exe program into the Messenger program directory, which is installed with weak default permissions. | |||||
| CVE-2004-0043 | 1 Yahoo | 1 Messenger | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Yahoo Instant Messenger 5.6.0.1351 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long filename in the download feature. | |||||
| CVE-2019-6035 | 1 Yahoo | 1 Athenz | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| Open redirect vulnerability in Athenz v1.8.24 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted page. | |||||