Vulnerabilities > Yandex > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-30 | CVE-2019-16535 | Integer Underflow (Wrap or Wraparound) vulnerability in Yandex Clickhouse In all versions of ClickHouse before 19.14, an OOB read, OOB write and integer underflow in decompression algorithms can be used to achieve RCE or DoS via native protocol. | 9.8 |
| 2019-08-15 | CVE-2018-14671 | Improper Input Validation vulnerability in Yandex Clickhouse In ClickHouse before 18.10.3, unixODBC allowed loading arbitrary shared objects from the file system which led to a Remote Code Execution vulnerability. | 9.8 |
| 2019-08-15 | CVE-2018-14670 | Improper Authorization vulnerability in Yandex Clickhouse Incorrect configuration in deb package in ClickHouse before 1.1.54131 could lead to unauthorized use of the database. | 9.8 |