525 matches found
EUVD-2024-29330
Malicious code in bioql PyPI...
EUVD-2021-29361
Malicious code in bioql PyPI...
EUVD-2025-6783
Malicious code in bioql PyPI...
EUVD-2024-19964
Malicious code in bioql PyPI...
EUVD-2022-46973
Malicious code in bioql PyPI...
EUVD-2021-29358
Malicious code in bioql PyPI...
EUVD-2021-30248
Malicious code in bioql PyPI...
EUVD-2021-30247
Malicious code in bioql PyPI...
EUVD-2025-18907
Malicious code in bioql PyPI...
Clickhouse API Unauthenticated Access
Clickhouse is an open-source columnar database management system for online analytical processing. The Clickhouse HTTP interface allows users to interact with the database using HTTP requests. When no authentication is configured, the Clickhouse API can be accessed without any credentials. This c...
Linux Distros Unpatched Vulnerability : CVE-2025-1385
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When the library bridge feature is enabled, the clickhouse-library-bridge exposes an HTTP API on localhost. This allows clickhouse-server to dynamically load a...
Detecting Data Leaks Before Disaster
In January 2025, cybersecurity experts at Wiz Research found that Chinese AI specialist DeepSeek had suffered a data leak, putting more than 1 million sensitive log streams at risk. According to the Wiz Research team, they identified a publicly accessible ClickHouse database belonging to DeepSeek...
Linux Distros Unpatched Vulnerability : CVE-2024-6873
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It is possible to crash or redirect the execution flow of the ClickHouse server process from an unauthenticated vector by sending a specially crafted request to...
Linux Distros Unpatched Vulnerability : CVE-2023-48298
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ClickHouse is an open-source column-oriented database management system that allows generating analytical data reports in real-time. This vulnerability is an...
Linux Distros Unpatched Vulnerability : CVE-2023-48704
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ClickHouse is an open-source column-oriented database management system that allows generating analytical data reports in real-time. A heap buffer overflow issu...
Linux Distros Unpatched Vulnerability : CVE-2019-16536
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack overflow leading to DoS can be triggered by a malicious authenticated client in Clickhouse before 19.14.3.3. CVE-2019-16536 Note that Nessus relies on the...
Linux Distros Unpatched Vulnerability : CVE-2023-47118
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ClickHouse is an open-source column-oriented database management system that allows generating analytical data reports in real-time. A heap buffer overflow issu...
MAL-2025-7128 Malicious code in @clickhouse-team/backup-components (npm)
The package @clickhouse-team/backup-components was found to contain malicious code...
Malicious code in @clickhouse-team/backup-components (npm)
The package @clickhouse-team/backup-components was found to contain malicious code...
Malicious code in vertamedia-clickhouse-datasource (npm)
The package vertamedia-clickhouse-datasource was found to contain malicious code...