Vulnerabilities > Yandex
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-14 | CVE-2021-42387 | Out-of-bounds Read vulnerability in Yandex Clickhouse Heap out-of-bounds read in Clickhouse's LZ4 compression codec when parsing a malicious query. | 5.5 |
2022-03-14 | CVE-2021-42388 | Out-of-bounds Read vulnerability in Yandex Clickhouse Heap out-of-bounds read in Clickhouse's LZ4 compression codec when parsing a malicious query. | 5.5 |
2022-03-14 | CVE-2021-42389 | Divide By Zero vulnerability in Yandex Clickhouse Divide-by-zero in Clickhouse's Delta compression codec when parsing a malicious query. | 4.0 |
2022-03-14 | CVE-2021-42390 | Divide By Zero vulnerability in Yandex Clickhouse Divide-by-zero in Clickhouse's DeltaDouble compression codec when parsing a malicious query. | 4.0 |
2022-03-14 | CVE-2021-42391 | Divide By Zero vulnerability in Yandex Clickhouse Divide-by-zero in Clickhouse's Gorilla compression codec when parsing a malicious query. | 5.0 |
2022-03-14 | CVE-2021-43304 | Out-of-bounds Write vulnerability in Yandex Clickhouse Heap buffer overflow in Clickhouse's LZ4 compression codec when parsing a malicious query. | 6.5 |
2022-03-14 | CVE-2021-43305 | Out-of-bounds Write vulnerability in Yandex Clickhouse Heap buffer overflow in Clickhouse's LZ4 compression codec when parsing a malicious query. | 6.5 |
2021-09-13 | CVE-2020-27969 | Origin Validation Error vulnerability in Yandex Browser Yandex Browser for Android 20.8.4 allows remote attackers to perform SOP bypass and addresss bar spoofing | 7.5 |
2021-09-13 | CVE-2020-27970 | Authentication Bypass by Spoofing vulnerability in Yandex Browser Yandex Browser before 20.10.0 allows remote attackers to spoof the address bar | 5.0 |
2021-08-17 | CVE-2021-25263 | Unspecified vulnerability in Yandex Clickhouse Clickhouse prior to versions v20.8.18.32-lts, v21.1.9.41-stable, v21.2.9.41-stable, v21.3.6.55-lts, v21.4.3.21-stable allows user to read any file on the host system, that clickhouse user has access to. | 4.0 |