CVE-2021-25263 — CVSS 7.8 (high): Local privilege vulnerability in Yandex Browser for Windows prior to 21.9.0.390 allows a local, low privileged, attacker to execute…
CVE-2022-28226 — CVSS 7.8 (high): Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.801 allows a local, low privileged, attacker to execute…
CVE-2022-28225 — CVSS 7.8 (high): Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.684 allows a local, low privileged, attacker to execute…
CVE-2021-25261 — CVSS 7.8 (high): Local privilege vulnerability in Yandex Browser for Windows prior to 22.5.0.862 allows a local, low privileged, attacker to execute…
CVE-2017-7327 — CVSS 7.8 (high): Yandex Browser installer for Desktop before 17.4.1 has a DLL Hijacking Vulnerability because an untrusted search path is used for…
CVE-2024-6473 — CVSS 7.8 (high): Yandex Browser for Desktop before 24.7.1.380 has a DLL Hijacking Vulnerability because an untrusted search path is used.
CVE-2017-7326 — CVSS 7.5 (high): Race condition issue in Yandex Browser for Android before 17.4.0.16 allowed a remote attacker to potentially exploit memory corruption via…
CVE-2017-7325 — CVSS 7.5 (high): Yandex Browser before 16.9.0 allows remote attackers to spoof the address bar via window.open.
CVE-2021-25255 — CVSS 7.5 (high): Yandex Browser Lite for Android prior to version 21.1.0 allows remote attackers to cause a denial of service.
CVE-2016-8503 — CVSS 7.3 (high): Yandex Protect Anti-phishing warning in Yandex Browser for desktop from version 16.7 to 16.9 could be used by remote attacker for…
CVE-2016-8502 — CVSS 7.3 (high): Yandex Protect Anti-phishing warning in Yandex Browser for desktop from version 15.12.0 to 16.2 could be used by remote attacker for…
CVE-2020-27969 — CVSS 7.3 (high): Yandex Browser for Android 20.8.4 allows remote attackers to perform SOP bypass and addresss bar spoofing
CVE-2016-8508 — CVSS 6.5 (medium): Yandex Browser for desktop before 17.1.1.227 does not show Protect (similar to Safebrowsing in Chromium) warnings in web-sites with special…
CVE-2016-8507 — CVSS 6.5 (medium): Yandex Browser for iOS before 16.10.0.2357 does not properly restrict processing of facetime:// URLs, which allows remote attackers to…
CVE-2016-8506 — CVSS 6.1 (medium): XSS in Yandex Browser Translator in Yandex browser for desktop for versions from 15.12 to 16.2 could be used by remote attacker for…
CVE-2021-25262 — CVSS 5.4 (medium): Yandex Browser for Android prior to version 21.3.0 allows remote attackers to perform IDN homograph attack.
CVE-2016-8501 — CVSS 5.3 (medium): Security WiFi bypass in Yandex Browser from version 15.10 to 15.12 allows remote attacker to sniff traffic in open or WEP-protected wi-fi…
CVE-2020-7369 — CVSS 4.3 (medium): User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of the Yandex Browser allows an attacker to…
CVE-2016-8504 — CVSS 4.3 (medium): CSRF of synchronization form in Yandex Browser for desktop before version 16.6 could be used by remote attacker to steal saved data in…