Vulnerabilities > Yandex > Yandex Browser > 16.7.1.20808
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-06-15 | CVE-2021-25261 | Link Following vulnerability in Yandex Browser Local privilege vulnerability in Yandex Browser for Windows prior to 22.5.0.862 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process. | 7.2 |
2022-06-15 | CVE-2022-28226 | Exposure of Resource to Wrong Sphere vulnerability in Yandex Browser Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.801 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating temporary files in directory with insecure permissions during Yandex Browser update process. | 7.8 |
2021-09-13 | CVE-2020-27970 | Authentication Bypass by Spoofing vulnerability in Yandex Browser Yandex Browser before 20.10.0 allows remote attackers to spoof the address bar | 5.0 |
2017-03-01 | CVE-2016-8508 | 7PK - Security Features vulnerability in Yandex Browser Yandex Browser for desktop before 17.1.1.227 does not show Protect (similar to Safebrowsing in Chromium) warnings in web-sites with special content-type, which could be used by remote attacker for prevention Protect warning on own malicious web-site. | 4.3 |
2016-10-26 | CVE-2016-8503 | 7PK - Security Features vulnerability in Yandex Browser 16.7.0.3342/16.7.1.20808/16.9.1.1131 Yandex Protect Anti-phishing warning in Yandex Browser for desktop from version 16.7 to 16.9 could be used by remote attacker for brute-forcing passwords from important web-resource with special JavaScript. | 5.0 |