Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yandex vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2016-8504
CSRF of synchronization form in Yandex Browser for desktop before version 16.6 could be used by remote malicious user to steal saved data in browser profile.
Yandex Yandex Browser
383
VMScore
CVE-2016-8507
Yandex Browser for iOS prior to 16.10.0.2357 does not properly restrict processing of facetime:// URLs, which allows remote malicious users to initiate facetime-call without user's approval and obtain video and audio data from a device via a crafted web site.
Yandex Yandex Browser
383
VMScore
CVE-2016-8508
Yandex Browser for desktop prior to 17.1.1.227 does not show Protect (similar to Safebrowsing in Chromium) warnings in web-sites with special content-type, which could be used by remote attacker for prevention Protect warning on own malicious web-site.
Yandex Yandex Browser
312
VMScore
CVE-2021-24428
The RSS for Yandex Turbo WordPress plugin up to and including 1.30 does not sanitise or escape some of its settings before saving and outputing them in the admin dashboard, leading to an Authenticated Stored Cross-Site Scripting issue even when the unfiltered_html capability is d...
Yandex Yandex Turbo
454
VMScore
CVE-2017-7326
Race condition issue in Yandex Browser for Android prior to 17.4.0.16 allowed a remote malicious user to potentially exploit memory corruption via a crafted HTML page
Yandex Yandex Browser
NA
CVE-2023-34173
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alexander Semikashev Yandex Metrica Counter plugin <= 1.4.3 versions.
Yandex Metrica Counter Project Yandex Metric Counter
641
VMScore
CVE-2022-28225
Local privilege vulnerability in Yandex Browser for Windows before 22.3.3.684 allows a local, low privileged, malicious user to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process.
Yandex Yandex Browser
641
VMScore
CVE-2022-28226
Local privilege vulnerability in Yandex Browser for Windows before 22.3.3.801 allows a local, low privileged, malicious user to execute arbitary code with the SYSTEM privileges through manipulating temporary files in directory with insecure permissions during Yandex Browser updat...
Yandex Yandex Browser
668
VMScore
CVE-2019-16535
In all versions of ClickHouse prior to 19.14, an OOB read, OOB write and integer underflow in decompression algorithms can be used to achieve RCE or DoS via native protocol.
Yandex Clickhouse
641
VMScore
CVE-2021-25261
Local privilege vulnerability in Yandex Browser for Windows before 22.5.0.862 allows a local, low privileged, malicious user to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process.
Yandex Yandex Browser
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »