CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

ATTACKERKB•added 2026/05/12 2:21 a.m.•4 views

CVE-2026-40134

Due to insufficient authorization checks in the SAP Incentive and Commission Management application, authenticated users could invoke a remote-enabled function module to perform table update operations. This vulnerability has a low impact on integrity with no impact on confidentiality and...

4.3CVSS5.8AI score0.0001EPSS

Exploits0References3Affected Software1

OSV•added 2019/08/15 6:15 p.m.•22 views

CVE-2018-14668

In ClickHouse before 1.1.54388, "remote" table function allowed arbitrary symbols in "user", "password" and "defaultdatabase" fields which led to Cross Protocol Request Forgery Attacks...

8.8CVSS7AI score

Exploits0References1

NVD•added 2019/08/15 6:15 p.m.•9 views

CVE-2018-14668

In ClickHouse before 1.1.54388, "remote" table function allowed arbitrary symbols in "user", "password" and "defaultdatabase" fields which led to Cross Protocol Request Forgery Attacks...

8.8CVSS8.8AI score0.00215EPSS

Exploits0References1

UbuntuCve•added 2019/08/15 6:15 p.m.•19 views

CVE-2018-14668

In ClickHouse before 1.1.54388, "remote" table function allowed arbitrary symbols in "user", "password" and "defaultdatabase" fields which led to Cross Protocol Request Forgery Attacks...

8.8CVSS7.2AI score0.00215EPSS

Exploits0References2

Prion•added 2019/08/15 6:15 p.m.•14 views

Server side request forgery (ssrf)

In ClickHouse before 1.1.54388, "remote" table function allowed arbitrary symbols in "user", "password" and "defaultdatabase" fields which led to Cross Protocol Request Forgery Attacks...

6.8CVSS8.7AI score0.00215EPSS

Exploits0References1Affected Software1

OSV•added 2019/08/15 6:15 p.m.•0 views

UBUNTU-CVE-2018-14668

In ClickHouse before 1.1.54388, "remote" table function allowed arbitrary symbols in "user", "password" and "defaultdatabase" fields which led to Cross Protocol Request Forgery Attacks...

8.8CVSS5.9AI score0.00215EPSS

Exploits0References3

CVE•added 2019/08/15 5:31 p.m.•102 views

CVE-2018-14668

CVE-2018-14668 affects ClickHouse versions before 1.1.54388. The vulnerability arises from the remote table function allowing arbitrary symbols in the fields “user”, “password”, and “default_database,” enabling Cross Protocol Request Forgery Attacks. The available connected documents confirm the ...

8.8CVSS8.7AI score0.00215EPSS

Exploits0References1Affected Software1

Cvelist•added 2019/08/15 5:31 p.m.•22 views

CVE-2018-14668

In ClickHouse before 1.1.54388, "remote" table function allowed arbitrary symbols in "user", "password" and "defaultdatabase" fields which led to Cross Protocol Request Forgery Attacks...

8.7AI score0.00215EPSS

Exploits0References1

ClickHouse•added 2018/06/28 12:0 a.m.•19 views

Fixed in ClickHouse Release 1.1.54388, 2018-06-28

"remote" table function allowed arbitrary symbols in "user", "password" and "defaultdatabase" fields which led to Cross Protocol Request Forgery Attacks...

7.2AI score

Exploits0Affected Software1

ClickHouse•added 2018/06/28 12:0 a.m.•8 views

CVE-2018-14668

"remote" table function allowed arbitrary symbols in "user", "password" and "defaultdatabase" fields which led to Cross Protocol Request Forgery Attacks. Andrey Krasichkov of Yandex Information Security Team...

8.8CVSS5.5AI score0.00215EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by