Affected Products

Vendor / product matrix with CVE counts sourced from the CPE catalog.

Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
yandex
312027.6%HIGH

Related CVEs

12
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2025-5471Uncontrolled Search Path Element vulnerability in Yandex Telemost on MacOS allows Search Order Hijacking.This issue affects Telemost: before 2.19.1.HIGH7.34.6%Dec 9, 2025
CVE-2024-12168Yandex Telemost for Desktop before 2.7.0 has a DLL Hijacking Vulnerability because an untrusted search path is used.HIGH8.43.3%Jun 2, 2025
CVE-2023-26226A use after free memory corruption issue exists in Yandex Browser for Desktop prior to version 24.4.0.682HIGH7.423.3%May 30, 2025
CVE-2021-25262Yandex Browser for Android prior to version 21.3.0 allows remote attackers to perform IDN homograph attack.MEDIUM6.929.0%May 21, 2025
CVE-2021-25255Yandex Browser Lite for Android prior to version 21.1.0 allows remote attackers to cause a denial of service.HIGH8.347.3%May 21, 2025
CVE-2021-25254Yandex Browser Lite for Android before 21.1.0 allows remote attackers to spoof the address bar.HIGH8.236.7%May 21, 2025
CVE-2024-6473Yandex Browser for Desktop before 24.7.1.380 has a DLL Hijacking Vulnerability because an untrusted search path is used.HIGH8.449.1%Sep 3, 2024
CVE-2023-29751An issue found in Yandex Navigator v.6.60 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the SharedPreference files.MEDIUM5.5Jun 9, 2023
CVE-2023-29749An issue found in Yandex Navigator v.6.60 for Android allows unauthorized apps to cause escalation of privilege attacks by manipulating the SharedPreference files.HIGH7.8Jun 9, 2023
CVE-2022-28226Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.801 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating temporary files in directory with insecure permissions during Yandex Browser update process.HIGH7.8Jun 15, 2022
CVE-2022-28225Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.684 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process.HIGH7.8Jun 15, 2022
CVE-2021-25261Local privilege vulnerability in Yandex Browser for Windows prior to 22.5.0.862 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process.HIGH7.8Jun 15, 2022