Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Yandex_browser
(Yandex)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 17 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-01-19 | CVE-2017-7326 | Race condition issue in Yandex Browser for Android before 17.4.0.16 allowed a remote attacker to potentially exploit memory corruption via a crafted HTML page | Yandex_browser | 7.5 | ||
| 2018-01-19 | CVE-2017-7325 | Yandex Browser before 16.9.0 allows remote attackers to spoof the address bar via window.open. | Yandex_browser | 7.5 | ||
| 2016-10-26 | CVE-2016-8506 | XSS in Yandex Browser Translator in Yandex browser for desktop for versions from 15.12 to 16.2 could be used by remote attacker for evaluation arbitrary javascript code. | Yandex_browser | 6.1 | ||
| 2016-10-26 | CVE-2016-8504 | CSRF of synchronization form in Yandex Browser for desktop before version 16.6 could be used by remote attacker to steal saved data in browser profile. | Yandex_browser | 4.3 | ||
| 2016-10-26 | CVE-2016-8503 | Yandex Protect Anti-phishing warning in Yandex Browser for desktop from version 16.7 to 16.9 could be used by remote attacker for brute-forcing passwords from important web-resource with special JavaScript. | Yandex_browser | 7.3 | ||
| 2016-10-26 | CVE-2016-8502 | Yandex Protect Anti-phishing warning in Yandex Browser for desktop from version 15.12.0 to 16.2 could be used by remote attacker for brute-forcing passwords from important web-resource with special JavaScript. | Yandex_browser | 7.3 | ||
| 2016-10-26 | CVE-2016-8501 | Security WiFi bypass in Yandex Browser from version 15.10 to 15.12 allows remote attacker to sniff traffic in open or WEP-protected wi-fi networks despite of special security mechanism is enabled. | Yandex_browser | 5.3 |