CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1509 matches found

Yahoo User Interface library (YUI2) TreeView v2.8.2 - Cross-Site Scripting

Reflected cross-site scripting XSS exists in the TreeView of YUI2 through 2800: up.php sam.php renderhidden.php removechildren.php removeall.php readd.php overflow.php newnode2.php newnode.php. id: CVE-2022-48197 info: name: Yahoo User Interface library YUI2 TreeView v2.8.2 - Cross-Site Scripting...

6.1CVSS6.2AI score0.06608EPSS

Exploits3References5

The Hacker News•added 2026/06/12 8:52 a.m.•19 views

INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator

An INTERPOL-led operation last month resulted in the disruption of Sniper Dz , a decade-long phishing-as-a-service PhaaS platform, Group-IB said Thursday. The effort, codenamed Operation Ramz, took place between October 2025 and February 2026, and saw authorities from 13 countries in the Middle...

5.5AI score

Exploits0

Wired Threat Level•added 2026/06/01 10:30 a.m.•13 views

The Romance Scammer Who Made a Small Fortune Posing as a WWE Superstar

In this excerpt from WIRED Book Club pick The Yahoo Boys, journalist Carlos Barragán traces one scammer’s journey from flop to fortune...

5.8AI score

Exploits0

Malwarebytes•added 2026/05/14 10:47 a.m.•10 views

Why Malwarebytes blocks some Yahoo Mail redirects

Some Malwarebytes users have recently noticed frequent web protection alerts while reading email in Yahoo Mail’s web interface. These alerts are caused by background connections from the Yahoo Mail page to a set of third‑party domains that our products and other security tools currently classify ...

5.8AI score

Exploits0

HackRead•added 2026/05/14 10:32 a.m.•5 views

China-Linked Twill Typhoon Uses Fake Apple and Yahoo Sites for Espionage

A new Darktrace report reveals how Chinese hackers use fake Apple and Yahoo sites and the FDMTP malware framework to spy on organisations...

5.8AI score

Exploits0

OSSF Malicious Packages•added 2026/03/18 1:16 p.m.•7 views

Malicious code in yahoo-commerce (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3725b1c28bf27cb9ae988e61fc0c7b790b588587cef59086e7d63460f2241a9 The package yahoo-commerce was found to contain malicious code...

5.8AI score

Exploits0

OSV•added 2026/03/18 1:16 p.m.•1 views

MAL-2026-1879 Malicious code in yahoo-commerce (npm)

5.8AI score

Exploits0

RedhatCVE•added 2026/01/09 11:48 a.m.•4 views

CVE-2009-4858

Cross-site scripting XSS vulnerability in questiondetail.php in Yahoo Answers Clone allows remote attackers to inject arbitrary web script or HTML via the questionid parameter...

4.3CVSS5.9AI score0.01269EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 11:4 a.m.•7 views

CVE-2007-4635

Yahoo! Messenger 8.1.0.209 and 8.1.0.402 allows remote attackers to cause a denial of service application crash via certain file-transfer packets, possibly involving a buffer overflow, as demonstrated by ym8bug.exe. NOTE: this might be related to CVE-2007-4515. NOTE: the provenance of this...

9.3CVSS7.1AI score0.33011EPSS

Exploits4References1

OSV•added 2026/01/02 12:14 p.m.•4 views

OPENSUSE-SU-2026:20002-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Changes in MozillaThunderbird: Mozilla Thunderbird 140.5.0 ESR MFSA 2025-91 bsc1253188: CVE-2025-13012 Race condition in the Graphics component CVE-2025-13016 Incorrect boundary conditions in the JavaScript: WebAssembly component...

8.8CVSS5.8AI score0.00401EPSS

Exploits0References10