Every CVE whose affected-product data names Aol Instant Messenger, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (30)
CVE-2002-0005 — CVSS 10.0 (critical): Buffer overflow in AOL Instant Messenger (AIM) 4.7.2480, 4.8.2616, and other versions allows remote attackers to execute arbitrary code via…
CVE-2004-0636 — CVSS 10.0 (critical): Buffer overflow in the goaway function in the aim:goaway URI handler for AOL Instant Messenger (AIM) 5.5, including 5.5.3595, allows remote…
CVE-2003-1503 — CVSS 10.0 (critical): Buffer overflow in AOL Instant Messenger (AIM) 5.2.3292 allows remote attackers to execute arbitrary code via an aim:getfile URL with a…
CVE-2007-3437 — CVSS 7.8 (high): AOL Instant Messenger (AIM) 6.1.32.1 on Windows XP allows remote attackers to cause a denial of service (application crash) via a malformed…
CVE-2007-3350 — CVSS 7.8 (high): AOL Instant Messenger (AIM) 6.1.32.1 on Windows XP allows remote attackers to cause a denial of service (application hang) via a flood of…
CVE-2002-0592 — CVSS 7.5 (high): AOL Instant Messenger (AIM) allows remote attackers to steal files that are being transferred to other clients by connecting to port 4443…
CVE-2002-1591 — CVSS 7.5 (high): AOL Instant Messenger (AIM) 4.7.2480 adds free.aol.com to the Trusted Sites Zone in Internet Explorer without user approval, which could…
CVE-2000-1093 — CVSS 7.5 (high): Buffer overflow in AOL Instant Messenger before 4.3.2229 allows remote attackers to execute arbitrary commands via a long "goim" command.
CVE-2004-2373 — CVSS 7.5 (high): The Buddy icon file for AOL Instant Messenger (AIM) 4.3 through 5.5 is created in a predictable location, which may allow remote attackers…
CVE-2002-0362 — CVSS 7.5 (high): Buffer overflow in AOL Instant Messenger (AIM) 4.2 and later allows remote attackers to execute arbitrary code via a long AddExternalApp…
CVE-2007-5124 — CVSS 6.8 (medium): The embedded Internet Explorer server control in AOL Instant Messenger (AIM) 6.5.3.12 and earlier allows remote attackers to execute…
CVE-2007-4901 — CVSS 5.8 (medium): The embedded Internet Explorer server control in AOL Instant Messenger (AIM) 6.1.41.2 and 6.2.32.1, AIM Pro, and AIM Lite does not properly…
CVE-2006-0629 — CVSS 5.1 (medium): Unspecified vulnerability in AOL Instant Messenger (AIM) 5.9.3861 allows user-assisted remote attackers to cause a denial of service…
CVE-2001-1416 — CVSS 5.1 (medium): Multiple cross-site scripting (XSS) vulnerabilities in the log messages in certain Alpha versions of AOL Instant Messenger (AIM) 4.4 allow…
CVE-2002-0785 — CVSS 5.0 (medium): AOL Instant Messenger (AIM) allows remote attackers to cause a denial of service (crash) via an "AddBuddy" link with the ScreenName…
CVE-2000-0190 — CVSS 5.0 (medium): AOL Instant Messenger (AIM) client allows remote attackers to cause a denial of service via a message with a malformed ASCII value.
CVE-2000-0383 — CVSS 5.0 (medium): The file transfer component of AOL Instant Messenger (AIM) reveals the physical path of the transferred file to the remote recipient.
CVE-2000-1000 — CVSS 5.0 (medium): Format string vulnerability in AOL Instant Messenger (AIM) 4.1.2010 allows remote attackers to cause a denial of service and possibly…
CVE-2001-1417 — CVSS 5.0 (medium): AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application hang or crash) via a buddy icon GIF file…
CVE-2001-1418 — CVSS 5.0 (medium): AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application crash) via a malformed WAV file.
CVE-2001-1419 — CVSS 5.0 (medium): AOL Instant Messenger (AIM) 4.7.2480 and earlier allows remote attackers to cause a denial of service (application crash) via an instant…
CVE-2001-1420 — CVSS 5.0 (medium): AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application crash) via a long filename, possibly…
CVE-2001-1421 — CVSS 5.0 (medium): AOL Instant Messenger (AIM) 4.7 and earlier allows remote attackers to cause a denial of service (application crash) via a large number of…
CVE-2002-0591 — CVSS 5.0 (medium): Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8 beta and earlier allows remote attackers to create arbitrary files and…
CVE-1999-0486 — CVSS 5.0 (medium): Denial of service in AOL Instant Messenger when a remote attacker sends a malicious hyperlink to the receiving client, potentially causing…
CVE-2002-1953 — CVSS 5.0 (medium): Heap-based buffer overflow in the goim handler of AOL Instant Messenger (AIM) 4.4 through 4.8.2616 allows remote attackers to cause a…
CVE-2002-2169 — CVSS 5.0 (medium): Cross-site scripting vulnerability AOL Instant Messenger (AIM) 4.5 and 4.7 for MacOS and Windows allows remote attackers to conduct…
CVE-2005-1655 — CVSS 5.0 (medium): AOL Instant Messenger 5.5.x and earlier allows remote attackers to cause a denial of service (client crash) via an invalid smiley icon…
CVE-2007-1904 — CVSS 4.3 (medium): Directory traversal vulnerability in AOL Instant Messenger (AIM) 5.9 and earlier, and ICQ 5.1 and probably earlier, allows user-assisted…