Filter

MongoDB MongoDBMongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting,…

First published (updated )

MongoDB MongoDBCode execution on Windows via OpenSSL engine injection

8.2
First published (updated )

MongoDB MongoDBAuthentication bypass when using LDAP authentication in MongoDB Enterprise Server

8.1
First published (updated )

MongoDB MongoDBAccessing Untrusted Directory May Allow Local Privilege Escalation

7.8
EPSS
0.04%
First published (updated )

MongoDB MongoDBDenial of service via malformed network packet

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

MongoDB MongoDBDenial of Service when processing malformed Role names

7.5
First published (updated )

MongoDB MongoDBmongod in MongoDB 2.6, when using 2.4-style users, and 2.4 allow remote attackers to cause a denial …

7.5
First published (updated )

MongoDB MongoDBIn MongoDB libbson 1.7.0, the bson_iter_codewscope function in bson-iter.c miscalculates a bson_utf8…

7.5
First published (updated )

MongoDB MongoDBLarge aggregation pipelines with a specific stage can crash mongod under default configuration

7.5
First published (updated )

MongoDB MongoDBCertificate validation issue in MongoDB Server running on Windows or macOS

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

MongoDB MongoDBDenial of Service and Data Integrity vulnerability in features command

7.1
First published (updated )

MongoDB MongoDBAuthorization session conflation

7.1
First published (updated )

MongoDB MongoDBThe skyring-setup command creates random password for mongodb skyring database but it writes passwor…

First published (updated )

MongoDB MongoDBMongoDB Server binaries may load potentially insecure shared libraries from specific relative paths

EPSS
0.04%
First published (updated )

MongoDB MongoDBMissing authorization check may lead to shard key refinement

EPSS
0.05%
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

MongoDB MongoDBMongoDB Server secondaries may crash due to forced index constraints

EPSS
0.04%
First published (updated )

MongoDB MongoDBMongoDB 2.4.x before 2.4.5 and 2.5.x before 2.5.1 allows remote authenticated users to obtain intern…

First published (updated )

MongoDB MongoDBThe find prototype in scripting/engine_v8.h in MongoDB 2.4.0 through 2.4.4 allows remote authenticat…

First published (updated )

MongoDB MongoDBImproper neutralization of null byte leads to read overrun

First published (updated )

MongoDB MongoDBSpecific query can cause a DoS against MongoDB Server

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

MongoDB MongoDBInvariant failure in applyOps

First published (updated )

MongoDB MongoDBInvariant with $elemMatch

First published (updated )

MongoDB MongoDBPost-auth queries on compound index may crash mongod

First published (updated )

MongoDB MongoDBInvariant in IndexBoundsBuilder

First published (updated )

MongoDB MongoDB$mod can result in undefined behavior

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

MongoDB MongoDBInfinite loop in aggregation expression

First published (updated )

MongoDB MongoDBCrash while handling internal Javascript exception types

First published (updated )

MongoDB MongoDBCrash while joining collections with $lookup

First published (updated )

MongoDB MongoDBSpecific replication command with malformed oplog entries can crash secondaries

First published (updated )

MongoDB MongoDBUser may trigger invariant when allowed to send commands directly to shards

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203