Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mongodb mongodb - vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2022-24272
An authenticated user may trigger an invariant assertion during command dispatch due to incorrect validation on the $external database. This may result in mongod denial of service or server crash. This issue affects: MongoDB Inc. MongoDB Server v5.0 versions, prior to and includi...
Mongodb Mongodb
356
VMScore
CVE-2019-2393
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use $lookup and collations. This issue affects MongoDB Server v4.2 versions before 4.2.1; MongoDB Server v4.0 versions before 4.0.13 and MongoDB Server v3.6 ver...
Mongodb Mongodb
356
VMScore
CVE-2020-7923
A user authorized to perform database queries may cause denial of service by issuing specially crafted queries, which violate an invariant in the query subsystem's support for geoNear. This issue affects MongoDB Server v4.4 versions before 4.4.0-rc7; MongoDB Server v4.2 vers...
Mongodb Mongodb
356
VMScore
CVE-2020-7926
A user authorized to perform database queries may cause denial of service by issuing a specially crafted query which violates an invariant in the server selection subsystem. This issue affects MongoDB Server v4.4 versions prior to 4.4.1. Versions prior to 4.4 are not affected.
Mongodb Mongodb
356
VMScore
CVE-2018-20802
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries with compound indexes affecting QueryPlanner. This issue affects MongoDB Server v3.6 versions before 3.6.9 and MongoDB Server v4.0 versions before 4.0.3.
Mongodb Mongodb
356
VMScore
CVE-2018-20803
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which loop indefinitely in mathematics processing while retaining locks. This issue affects MongoDB Server v4.0 versions before 4.0.5; MongoDB Server v3.6 versions be...
Mongodb Mongodb
356
VMScore
CVE-2018-20805
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which perform an $elemMatch . This issue affects MongoDB Server v4.0 versions before 4.0.5 and MongoDB Server v3.6 versions before 3.6.10.
Mongodb Mongodb
356
VMScore
CVE-2018-25004
A user authorized to performing a specific type of query may trigger a denial of service by issuing a generic explain command on a find query. This issue affects MongoDB Server v4.0 versions before 4.0.6 and MongoDB Server v3.6 versions before 3.6.11.
Mongodb Mongodb
356
VMScore
CVE-2019-20923
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which throw unhandled Javascript exceptions containing types intended to be scoped to the Javascript engine's internals. This issue affects MongoDB Server v4.0 v...
Mongodb Mongodb
606
VMScore
CVE-2015-7882
Improper handling of LDAP authentication in MongoDB Server versions 3.0.0 to 3.0.6 allows an unauthenticated client to gain unauthorized access.
Mongodb Mongodb
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »