Vulnerabilities > Yandex

DATE CVE VULNERABILITY TITLE RISK
2022-03-14 CVE-2021-42387 Out-of-bounds Read vulnerability in Yandex Clickhouse
Heap out-of-bounds read in Clickhouse's LZ4 compression codec when parsing a malicious query.
network
low complexity
yandex CWE-125
5.5
2022-03-14 CVE-2021-42388 Out-of-bounds Read vulnerability in Yandex Clickhouse
Heap out-of-bounds read in Clickhouse's LZ4 compression codec when parsing a malicious query.
network
low complexity
yandex CWE-125
5.5
2022-03-14 CVE-2021-42389 Divide By Zero vulnerability in Yandex Clickhouse
Divide-by-zero in Clickhouse's Delta compression codec when parsing a malicious query.
network
low complexity
yandex CWE-369
4.0
2022-03-14 CVE-2021-42390 Divide By Zero vulnerability in Yandex Clickhouse
Divide-by-zero in Clickhouse's DeltaDouble compression codec when parsing a malicious query.
network
low complexity
yandex CWE-369
4.0
2022-03-14 CVE-2021-42391 Divide By Zero vulnerability in Yandex Clickhouse
Divide-by-zero in Clickhouse's Gorilla compression codec when parsing a malicious query.
network
low complexity
yandex CWE-369
5.0
2022-03-14 CVE-2021-43304 Out-of-bounds Write vulnerability in Yandex Clickhouse
Heap buffer overflow in Clickhouse's LZ4 compression codec when parsing a malicious query.
network
low complexity
yandex CWE-787
6.5
2022-03-14 CVE-2021-43305 Out-of-bounds Write vulnerability in Yandex Clickhouse
Heap buffer overflow in Clickhouse's LZ4 compression codec when parsing a malicious query.
network
low complexity
yandex CWE-787
6.5
2021-09-13 CVE-2020-27969 Origin Validation Error vulnerability in Yandex Browser
Yandex Browser for Android 20.8.4 allows remote attackers to perform SOP bypass and addresss bar spoofing
network
low complexity
yandex CWE-346
7.5
2021-09-13 CVE-2020-27970 Authentication Bypass by Spoofing vulnerability in Yandex Browser
Yandex Browser before 20.10.0 allows remote attackers to spoof the address bar
network
low complexity
yandex CWE-290
5.0
2021-08-17 CVE-2021-25263 Unspecified vulnerability in Yandex Clickhouse
Clickhouse prior to versions v20.8.18.32-lts, v21.1.9.41-stable, v21.2.9.41-stable, v21.3.6.55-lts, v21.4.3.21-stable allows user to read any file on the host system, that clickhouse user has access to.
network
low complexity
yandex
4.0