Filtered by vendor Yandex
Subscriptions
Total
30 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-26226 | 1 Yandex | 1 Yandex Browser | 2025-12-05 | 9.8 Critical |
| A use after free memory corruption issue exists in Yandex Browser for Desktop prior to version 24.4.0.682 | ||||
| CVE-2024-12168 | 1 Yandex | 1 Yandex Telemost | 2025-12-03 | 7.8 High |
| Yandex Telemost for Desktop before 2.7.0 has a DLL Hijacking Vulnerability because an untrusted search path is used. | ||||
| CVE-2021-25254 | 1 Yandex | 1 Yandex Browser | 2025-06-10 | 5.3 Medium |
| Yandex Browser Lite for Android before 21.1.0 allows remote attackers to spoof the address bar. | ||||
| CVE-2021-25255 | 1 Yandex | 1 Yandex Browser | 2025-06-10 | 7.5 High |
| Yandex Browser Lite for Android prior to version 21.1.0 allows remote attackers to cause a denial of service. | ||||
| CVE-2021-25262 | 2 Google, Yandex | 2 Android, Yandex Browser | 2025-06-10 | 5.4 Medium |
| Yandex Browser for Android prior to version 21.3.0 allows remote attackers to perform IDN homograph attack. | ||||
| CVE-2016-8507 | 1 Yandex | 1 Yandex Browser | 2025-04-20 | 6.5 Medium |
| Yandex Browser for iOS before 16.10.0.2357 does not properly restrict processing of facetime:// URLs, which allows remote attackers to initiate facetime-call without user's approval and obtain video and audio data from a device via a crafted web site. | ||||
| CVE-2016-8508 | 1 Yandex | 1 Yandex Browser | 2025-04-20 | 6.5 Medium |
| Yandex Browser for desktop before 17.1.1.227 does not show Protect (similar to Safebrowsing in Chromium) warnings in web-sites with special content-type, which could be used by remote attacker for prevention Protect warning on own malicious web-site. | ||||
| CVE-2016-8506 | 1 Yandex | 1 Yandex Browser | 2025-04-12 | N/A |
| XSS in Yandex Browser Translator in Yandex browser for desktop for versions from 15.12 to 16.2 could be used by remote attacker for evaluation arbitrary javascript code. | ||||
| CVE-2016-8504 | 1 Yandex | 1 Yandex Browser | 2025-04-12 | N/A |
| CSRF of synchronization form in Yandex Browser for desktop before version 16.6 could be used by remote attacker to steal saved data in browser profile. | ||||
| CVE-2016-8502 | 1 Yandex | 1 Yandex Browser | 2025-04-12 | N/A |
| Yandex Protect Anti-phishing warning in Yandex Browser for desktop from version 15.12.0 to 16.2 could be used by remote attacker for brute-forcing passwords from important web-resource with special JavaScript. | ||||
| CVE-2016-8503 | 1 Yandex | 1 Yandex Browser | 2025-04-12 | N/A |
| Yandex Protect Anti-phishing warning in Yandex Browser for desktop from version 16.7 to 16.9 could be used by remote attacker for brute-forcing passwords from important web-resource with special JavaScript. | ||||
| CVE-2016-8505 | 1 Yandex | 1 Yandex.browser | 2025-04-12 | N/A |
| XSS in Yandex Browser BookReader in Yandex browser for desktop for versions before 16.6. could be used by remote attacker for evaluation arbitrary javascript code. | ||||
| CVE-2016-8501 | 1 Yandex | 1 Yandex Browser | 2025-04-12 | N/A |
| Security WiFi bypass in Yandex Browser from version 15.10 to 15.12 allows remote attacker to sniff traffic in open or WEP-protected wi-fi networks despite of special security mechanism is enabled. | ||||
| CVE-2012-2941 | 1 Yandex | 1 Yandex.server 2010 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in search/ in Yandex.Server 2010 9.0 Enterprise allows remote attackers to inject arbitrary web script or HTML via the text parameter. | ||||
| CVE-2007-3485 | 1 Yandex | 1 Yandex.server | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Yandex.Server allow remote attackers to inject arbitrary web script or HTML via the (1) query or (2) within parameter to the default URI. | ||||
| CVE-2023-29751 | 1 Yandex | 1 Navigator | 2025-01-06 | 5.5 Medium |
| An issue found in Yandex Navigator v.6.60 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the SharedPreference files. | ||||
| CVE-2023-29749 | 1 Yandex | 1 Navigator | 2025-01-06 | 7.8 High |
| An issue found in Yandex Navigator v.6.60 for Android allows unauthorized apps to cause escalation of privilege attacks by manipulating the SharedPreference files. | ||||
| CVE-2022-28226 | 2 Microsoft, Yandex | 2 Windows, Yandex Browser | 2024-11-21 | 7.8 High |
| Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.801 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating temporary files in directory with insecure permissions during Yandex Browser update process. | ||||
| CVE-2022-28225 | 2 Microsoft, Yandex | 2 Windows, Yandex Browser | 2024-11-21 | 7.8 High |
| Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.684 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process. | ||||
| CVE-2021-25263 | 1 Yandex | 1 Yandex Browser | 2024-11-21 | 7.8 High |
| Local privilege vulnerability in Yandex Browser for Windows prior to 21.9.0.390 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating files in directory with insecure permissions during Yandex Browser update process. | ||||