Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yandex vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2016-8505
XSS in Yandex Browser BookReader in Yandex browser for desktop for versions prior to 16.6. could be used by remote attacker for evaluation arbitrary javascript code.
Yandex Yandex.browser
383
VMScore
CVE-2007-3485
Multiple cross-site scripting (XSS) vulnerabilities in Yandex.Server allow remote malicious users to inject arbitrary web script or HTML via the (1) query or (2) within parameter to the default URI.
Yandex Yandex.server
356
VMScore
CVE-2019-15024
In all versions of ClickHouse prior to 19.14.3, an attacker having write access to ZooKeeper and who is able to run a custom server available from the network where ClickHouse runs, can create a custom-built malicious server that will act as a ClickHouse replica and register it i...
Yandex Clickhouse
NA
CVE-2023-29749
An issue found in Yandex Navigator v.6.60 for Android allows unauthorized apps to cause escalation of privilege attacks by manipulating the SharedPreference files.
Yandex Navigator 6.60
NA
CVE-2023-29751
An issue found in Yandex Navigator v.6.60 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the SharedPreference files.
Yandex Navigator 6.60
828
VMScore
CVE-2016-10666
tomita-parser is a Node wrapper for Yandex Tomita Parser tomita-parser downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled cop...
Yandex Tomita-parser
435
VMScore
CVE-2012-2941
Cross-site scripting (XSS) vulnerability in search/ in Yandex.Server 2010 9.0 Enterprise allows remote malicious users to inject arbitrary web script or HTML via the text parameter.
Yandex Yandex.server 2010 9.0
1 EDB exploit
312
VMScore
CVE-2021-24277
The RSS for Yandex Turbo WordPress plugin prior to 1.30 did not properly sanitise the user inputs from its ???????? settings tab before outputting them back in the page, leading to authenticated stored Cross-Site Scripting issues
Wpuslugi Rss For Yandex Turbo
NA
CVE-2023-46775
Cross-Site Request Forgery (CSRF) vulnerability in Djo Original texts Yandex WebMaster plugin <= 1.18 versions.
Zixn Original Texts Yandex Webmaster
NA
CVE-2023-30473
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Maxim Glazunov YML for Yandex Market plugin <= 3.10.7 versions.
Icopydoc Yml For Yandex Market
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »