Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
couchbase vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2018-8007
Apache CouchDB administrative users can configure the database server via HTTP(S). Due to insufficient validation of administrator-supplied configuration settings via the HTTP API, it is possible for a CouchDB administrator user to escalate their privileges to that of the operati...
Apache Couchdb
NA
CVE-2024-23302
Couchbase Server prior to 7.2.4 has a private key leak in goxdcr.log.
NA
CVE-2023-49930
An issue exists in Couchbase Server prior to 7.2.4. cURL calls to /diag/eval are not sufficiently restricted.
NA
CVE-2023-49932
An issue exists in Couchbase Server prior to 7.2.4. An attacker can bypass SQL++ N1QL cURL host restrictions.
NA
CVE-2023-49931
An issue exists in Couchbase Server prior to 7.2.4. SQL++ cURL calls to /diag/eval are not sufficiently restricted.
NA
CVE-2023-45874
An issue exists in Couchbase Server up to and including 7.2.2. A data reader may cause a denial of service (outage of reader threads).
NA
CVE-2023-43769
An issue exists in Couchbase Server up to and including 7.1.4 prior to 7.1.5 and prior to 7.2.1. There are Unauthenticated RMI Service Ports Exposed in Analytics.
NA
CVE-2023-50437
An issue exists in Couchbase Server prior to 7.2.x prior to 7.2.4. otpCookie is shown with full admin on pools/default/serverGroups and engageCluster2.
NA
CVE-2023-45873
An issue exists in Couchbase Server up to and including 7.2.2. A data reader may cause a denial of service (application exist) because of the OOM killer.
NA
CVE-2023-49338
Couchbase Server 7.1.x and 7.2.x prior to 7.2.4 does not require authentication for the /admin/stats and /admin/vitals endpoints on TCP port 8093 of localhost.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »