CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

20 matches found

EUVD•added 2025/10/07 12:30 a.m.•0 views

EUVD-2021-0043

Malware in sbrugna...

9.8CVSS9.3AI score0.03109EPSS

Exploits0References6

RedhatCVE•added 2025/05/22 4:34 p.m.•2 views

CVE-2020-26759

clickhouse-driver before 0.1.5 allows a malicious clickhouse server to trigger a crash or execute arbitrary code on a database client via a crafted server response, due to a buffer overflow...

9.8CVSS7.7AI score0.03109EPSS

Exploits0

Hacker One•added 2021/06/03 9:36 p.m.•61 views

GitHub Security Lab: Python: Add support of clickhouse-driver package

This bug was reported directly to GitHub Security Lab...

1.1AI score

Exploits0

vulnersOsv•added 2021/04/07 8:50 p.m.•0 views

airflow-clickhouse-plugin (>=0.5.1 <=0.5.3), baluchon (=0.0.1) +4 more potentially affected by CVE-2020-26759 via clickhouse-driver (>=0.0.11 <=0.1.4)

clickhouse-driver PYPI version =0.0.11, =0.5.1, =0.0.4, =0.0.6, =2.2.0, =2.3.2 Source cves: CVE-2020-26759 Source advisory: OSV:GHSA-VGV5-CXVH-VFXH...

9.8CVSS7.2AI score0.03109EPSS

Exploits0

OSV•added 2021/04/07 8:50 p.m.•0 views

GHSA-VGV5-CXVH-VFXH Arbitrary code execution in clickhouse-driver

clickhouse-driver before 0.1.5 allows a malicious clickhouse server to trigger a crash or execute arbitrary code on a database client via a crafted server response, due to a buffer overflow...

9.8CVSS6.5AI score0.03109EPSS

Exploits0References6

Github Security Blog•added 2021/04/07 8:50 p.m.•67 views

Arbitrary code execution in clickhouse-driver

clickhouse-driver before 0.1.5 allows a malicious clickhouse server to trigger a crash or execute arbitrary code on a database client via a crafted server response, due to a buffer overflow...

9.8CVSS9.4AI score0.03109EPSS

Exploits0References5Affected Software1

Veracode•added 2021/01/07 5:26 a.m.•12 views

Arbitrary Code Execution

clickhouse-driver is vulnerable to arbitrary code execution. The vulnerability exists as it was possible to cause buffer overflow by suppling large values on the parameters which were Pyssizet typed...

9.8CVSS5.9AI score0.03109EPSS

Exploits0References2Affected Software1

NVD•added 2021/01/06 1:15 p.m.•5 views

CVE-2020-26759

clickhouse-driver before 0.1.5 allows a malicious clickhouse server to trigger a crash or execute arbitrary code on a database client via a crafted server response, due to a buffer overflow...

9.8CVSS9.7AI score0.03109EPSS

Exploits0References2

OSV•added 2021/01/06 1:15 p.m.•1 views

DEBIAN-CVE-2020-26759

clickhouse-driver before 0.1.5 allows a malicious clickhouse server to trigger a crash or execute arbitrary code on a database client via a crafted server response, due to a buffer overflow...

9.8CVSS9.5AI score0.03109EPSS

Exploits0References1

OSV•added 2021/01/06 1:15 p.m.•15 views

CVE-2020-26759

clickhouse-driver before 0.1.5 allows a malicious clickhouse server to trigger a crash or execute arbitrary code on a database client via a crafted server response, due to a buffer overflow...

9.8CVSS8.1AI score

Exploits0References2

UbuntuCve•added 2021/01/06 1:15 p.m.•19 views

CVE-2020-26759

clickhouse-driver before 0.1.5 allows a malicious clickhouse server to trigger a crash or execute arbitrary code on a database client via a crafted server response, due to a buffer overflow...

9.8CVSS7.8AI score0.03109EPSS

Exploits0References3

OSV•added 2021/01/06 1:15 p.m.•0 views

UBUNTU-CVE-2020-26759

clickhouse-driver before 0.1.5 allows a malicious clickhouse server to trigger a crash or execute arbitrary code on a database client via a crafted server response, due to a buffer overflow...

9.8CVSS8AI score0.03109EPSS

Exploits0References4

PyPA•added 2021/01/06 1:15 p.m.•5 views

PYSEC-2021-61

clickhouse-driver before 0.1.5 allows a malicious clickhouse server to trigger a crash or execute arbitrary code on a database client via a crafted server response, due to a buffer overflow...

9.8CVSS8AI score0.03109EPSS

Exploits0References3Affected Software1

Prion•added 2021/01/06 1:15 p.m.•12 views

Buffer overflow

clickhouse-driver before 0.1.5 allows a malicious clickhouse server to trigger a crash or execute arbitrary code on a database client via a crafted server response, due to a buffer overflow...

7.5CVSS9.6AI score0.03109EPSS

Exploits0References2Affected Software1

vulnersOsv•added 2021/01/06 1:15 p.m.•0 views

airflow-clickhouse-plugin (>=0.5.1 <=0.5.3), baluchon (=0.0.1) +4 more potentially affected by CVE-2020-26759 via clickhouse-driver (>=0.0.11 <=0.1.4)

clickhouse-driver PYPI version =0.0.11, =0.5.1, =0.0.4, =0.0.6, =2.2.0, =2.3.2 Source cves: CVE-2020-26759 Source advisory: OSV:PYSEC-2021-61...

9.8CVSS7.2AI score0.03109EPSS

Exploits0

OSV•added 2021/01/06 1:15 p.m.•1 views

PYSEC-2021-61

clickhouse-driver before 0.1.5 allows a malicious clickhouse server to trigger a crash or execute arbitrary code on a database client via a crafted server response, due to a buffer overflow...

9.8CVSS7.8AI score0.03109EPSS

Exploits0References3

Cvelist•added 2021/01/06 12:56 p.m.•11 views

CVE-2020-26759

clickhouse-driver before 0.1.5 allows a malicious clickhouse server to trigger a crash or execute arbitrary code on a database client via a crafted server response, due to a buffer overflow...

9.7AI score0.03109EPSS

Exploits0References2

Debian CVE•added 2021/01/06 12:56 p.m.•18 views

CVE-2020-26759

clickhouse-driver before 0.1.5 allows a malicious clickhouse server to trigger a crash or execute arbitrary code on a database client via a crafted server response, due to a buffer overflow...

9.8CVSS9.7AI score0.03109EPSS

Exploits0

CVE•added 2021/01/06 12:56 p.m.•69 views

CVE-2020-26759

CVE-2020-26759 affects the Python clickhouse-driver prior to version 0.1.5. A crafted server response from a malicious ClickHouse server can trigger a buffer overflow on the client, leading to a crash or arbitrary code execution on the affected client. The vulnerability is described consistently ...

9.8CVSS9.5AI score0.03109EPSS

Exploits0References2Affected Software1

Positive Technologies•added 2021/01/06 12:0 a.m.•1 views

PT-2021-11268 · Unknown +1 · Clickhouse-Driver +1

Name of the Vulnerable Software and Affected Versions: clickhouse-driver versions prior to 0.1.5 Description: The issue allows a malicious clickhouse server to trigger a crash or execute arbitrary code on a database client via a crafted server response, due to a buffer overflow. Recommendations:...

9.8CVSS9.6AI score0.03109EPSS

Exploits0References21

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by