Lucene search

K
YandexYandex Browser

10 matches found

CVE
CVE
added 2022/06/15 8:15 p.m.75 views

CVE-2022-28225

Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.684 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process.

7.8CVSS7.7AI score0.00033EPSS
CVE
CVE
added 2022/06/15 8:15 p.m.65 views

CVE-2021-25261

Local privilege vulnerability in Yandex Browser for Windows prior to 22.5.0.862 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process.

7.8CVSS7.7AI score0.00033EPSS
CVE
CVE
added 2021/08/17 7:15 p.m.63 views

CVE-2021-25263

Local privilege vulnerability in Yandex Browser for Windows prior to 21.9.0.390 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating files in directory with insecure permissions during Yandex Browser update process.

7.8CVSS6.8AI score0.00089EPSS
CVE
CVE
added 2022/06/15 8:15 p.m.61 views

CVE-2022-28226

Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.801 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating temporary files in directory with insecure permissions during Yandex Browser update process.

7.8CVSS7.7AI score0.0003EPSS
CVE
CVE
added 2016/10/26 6:59 p.m.49 views

CVE-2016-8502

Yandex Protect Anti-phishing warning in Yandex Browser for desktop from version 15.12.0 to 16.2 could be used by remote attacker for brute-forcing passwords from important web-resource with special JavaScript.

7.3CVSS7.1AI score0.00194EPSS
CVE
CVE
added 2021/09/13 12:15 p.m.47 views

CVE-2020-27969

Yandex Browser for Android 20.8.4 allows remote attackers to perform SOP bypass and addresss bar spoofing

7.5CVSS7.1AI score0.00092EPSS
CVE
CVE
added 2016/10/26 6:59 p.m.46 views

CVE-2016-8503

Yandex Protect Anti-phishing warning in Yandex Browser for desktop from version 16.7 to 16.9 could be used by remote attacker for brute-forcing passwords from important web-resource with special JavaScript.

7.3CVSS7.1AI score0.00194EPSS
CVE
CVE
added 2018/01/19 5:29 p.m.45 views

CVE-2017-7327

Yandex Browser installer for Desktop before 17.4.1 has a DLL Hijacking Vulnerability because an untrusted search path is used for dnsapi.dll, winmm.dll, ntmarta.dll, cryptbase.dll or profapi.dll.

7.8CVSS7.6AI score0.00255EPSS
CVE
CVE
added 2018/01/19 5:29 p.m.43 views

CVE-2017-7325

Yandex Browser before 16.9.0 allows remote attackers to spoof the address bar via window.open.

7.5CVSS7.4AI score0.00216EPSS
CVE
CVE
added 2018/01/19 5:29 p.m.36 views

CVE-2017-7326

Race condition issue in Yandex Browser for Android before 17.4.0.16 allowed a remote attacker to potentially exploit memory corruption via a crafted HTML page

7.5CVSS7.4AI score0.00413EPSS