← Back

Yahoo

yahoo

67 CVEs • 16 products

Products (16)

Click to collapse
Toggle
Messenger
messenger
33 CVEs
Yui
yui
12 CVEs
Toolbar
toolbar
5 CVEs
Music Jukebox
music_jukebox
3 CVEs
Yahoo! Browser
yahoo!_browser
3 CVEs
Audio Conferencing Activex Control
audio_conferencing_activex_control
1 CVE
Ui Library
ui_library
1 CVE
Widgets
widgets
1 CVE
Yahoo Assistant
yahoo_assistant
1 CVE
Tumblr
tumblr
1 CVE
Yafuoku!
yafuoku!
1 CVE
Japan Shopping
japan_shopping
1 CVE
Yahoo Ybox
yahoo_ybox
1 CVE
Athenz
athenz
1 CVE
Pager
pager
1 CVE
Serialize
serialize
1 CVE

CVEs (67)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2002-1664
1Yahoo
1Messenger
Apr 16, 2026
Dec 31, 2002
N/A· v4
N/A· v3
6.4 MEDIUM· v2
Yahoo! Messenger before February 2002 allows remote attackers to add arbitrary users to another user's buddy list and possibly obtain sensitive information.
CVE-2002-0032
1Yahoo
1Messenger
Apr 16, 2026
Jul 26, 2002
N/A· v4
N/A· v3
7.5 HIGH· v2
Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary script as other users via the addview parameter of a ymsgr URI.
CVE-2002-0031
1Yahoo
1Messenger
Apr 16, 2026
Jul 26, 2002
N/A· v4
N/A· v3
4.6 MEDIUM· v2
Buffer overflows in Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary code via a ymsgr URI with long arguments to (1) call, (2) sendim, (3) getimv, (4) chat, (5) addview, or (6) addfrie...Show more
Buffer overflows in Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary code via a ymsgr URI with long arguments to (1) call, (2) sendim, (3) getimv, (4) chat, (5) addview, or (6) addfriend.Show less
CVE-2002-0322
1Yahoo
1Messenger
Apr 16, 2026
Jun 25, 2002
N/A· v4
N/A· v3
7.5 HIGH· v2
Yahoo! Messenger 4.0 sends user passwords in cleartext, which could allow remote attackers to gain privileges of other users via sniffing.
CVE-2002-0321
1Yahoo
1Messenger
Apr 16, 2026
Jun 25, 2002
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Yahoo! Messenger 5.0 allows remote attackers to spoof other users by modifying the username and using the spoofed username for social engineering or denial of service (flooding) attacks.
CVE-2002-0320
1Yahoo
1Messenger
Apr 16, 2026
Jun 25, 2002
N/A· v4
N/A· v3
7.5 HIGH· v2
Buffer overflow in Yahoo! Messenger 5.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long (1) message or (2) IMvironment field.
CVE-2000-0047
1Yahoo
1Pager
Apr 16, 2026
Oct 1, 1999
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Buffer overflow in Yahoo Pager/Messenger client allows remote attackers to cause a denial of service via a long URL within a message.