Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mongodb mongodb - vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2017-15535
MongoDB 3.4.x prior to 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors (aka wire protocol compression), which exposes a vulnerability when enabled that could be exploited by a malicious malicious user to deny service or mo...
Mongodb Mongodb
2.1
CVSSv2
CVE-2014-8180
MongoDB on Red Hat Satellite 6 allows local users to bypass authentication by logging in with an empty password and delete information which can cause a Denial of Service.
Mongodb Mongodb
4
CVSSv2
CVE-2018-25004
A user authorized to performing a specific type of query may trigger a denial of service by issuing a generic explain command on a find query. This issue affects MongoDB Server v4.0 versions before 4.0.6 and MongoDB Server v3.6 versions before 3.6.11.
Mongodb Mongodb
4
CVSSv2
CVE-2019-20923
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which throw unhandled Javascript exceptions containing types intended to be scoped to the Javascript engine's internals. This issue affects MongoDB Server v4.0 v...
Mongodb Mongodb
4
CVSSv2
CVE-2019-20924
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries which trigger an invariant in the IndexBoundsBuilder. This issue affects MongoDB Server v4.2 versions before 4.2.2.
Mongodb Mongodb
5
CVSSv2
CVE-2019-20925
An unauthenticated client can trigger denial of service by issuing specially crafted wire protocol messages, which cause the message decompressor to incorrectly allocate memory. This issue affects MongoDB Server v4.2 versions before 4.2.1; MongoDB Server v4.0 versions before 4.0....
Mongodb Mongodb
4
CVSSv2
CVE-2018-20802
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries with compound indexes affecting QueryPlanner. This issue affects MongoDB Server v3.6 versions before 3.6.9 and MongoDB Server v4.0 versions before 4.0.3.
Mongodb Mongodb
4
CVSSv2
CVE-2018-20803
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which loop indefinitely in mathematics processing while retaining locks. This issue affects MongoDB Server v4.0 versions before 4.0.5; MongoDB Server v3.6 versions be...
Mongodb Mongodb
4
CVSSv2
CVE-2018-20804
A user authorized to perform database queries may trigger denial of service by issuing specially crafted applyOps invocations. This issue affects MongoDB Server v4.0 versions before 4.0.10 and MongoDB Server v3.6 versions before 3.6.13.
Mongodb Mongodb
4
CVSSv2
CVE-2018-20805
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which perform an $elemMatch . This issue affects MongoDB Server v4.0 versions before 4.0.5 and MongoDB Server v3.6 versions before 3.6.10.
Mongodb Mongodb
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »