Vulnerabilities > Yandex > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-10-26 | CVE-2016-8503 | 7PK - Security Features vulnerability in Yandex Browser 16.7.0.3342/16.7.1.20808/16.9.1.1131 Yandex Protect Anti-phishing warning in Yandex Browser for desktop from version 16.7 to 16.9 could be used by remote attacker for brute-forcing passwords from important web-resource with special JavaScript. | 5.0 |
| 2016-10-26 | CVE-2016-8502 | 7PK - Security Features vulnerability in Yandex Browser 15.12.0.6151/15.12.1.6475/16.2.0.3539 Yandex Protect Anti-phishing warning in Yandex Browser for desktop from version 15.12.0 to 16.2 could be used by remote attacker for brute-forcing passwords from important web-resource with special JavaScript. | 5.0 |
| 2016-10-26 | CVE-2016-8501 | Permissions, Privileges, and Access Controls vulnerability in Yandex Browser 15.10.2454.3845/15.12.0.6151/15.12.1.6475 Security WiFi bypass in Yandex Browser from version 15.10 to 15.12 allows remote attacker to sniff traffic in open or WEP-protected wi-fi networks despite of special security mechanism is enabled. | 5.0 |
| 2012-05-27 | CVE-2012-2941 | Cross-Site Scripting vulnerability in Yandex Yandex.Server 2010 9.0 Cross-site scripting (XSS) vulnerability in search/ in Yandex.Server 2010 9.0 Enterprise allows remote attackers to inject arbitrary web script or HTML via the text parameter. | 4.3 |
| 2007-06-28 | CVE-2007-3485 | Cross-Site Scripting vulnerability in Yandex.Server Multiple cross-site scripting (XSS) vulnerabilities in Yandex.Server allow remote attackers to inject arbitrary web script or HTML via the (1) query or (2) within parameter to the default URI. network yandex | 4.3 |