Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mongodb c vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-32050
Some MongoDB Drivers may erroneously publish events containing authentication-related data to a command listener configured by an application. The published events may contain security-sensitive data when specific authentication-related commands are executed. Without due care, an...
Mongodb C++
Mongodb Node.js
Mongodb Swift Driver
Mongodb Php Driver
Mongodb C Driver
4.9
CVSSv3
CVE-2021-20331
Specific versions of the MongoDB C# Driver may erroneously publish events containing authentication-related data to a command listener configured by an application. The published events may contain security-sensitive data when commands such as "saslStart", "saslCo...
Mongodb C# Driver
Mongodb C# Driver 2.11.0
7.5
CVSSv3
CVE-2023-0437
When calling bson_utf8_validate on some inputs a loop with an exit condition that cannot be reached may occur, i.e. an infinite loop. This issue affects All MongoDB C Driver versions prior to versions 1.25.0.
Mongodb C Driver
7.2
CVSSv3
CVE-2022-48282
Under very specific circumstances (see Required configuration section below), a privileged user is able to cause arbitrary code to be executed which may cause further disruption to services. This is specific to applications written in C#. This affects all MongoDB .NET/C# Driver v...
Mongodb C# Driver
5.5
CVSSv3
CVE-2020-12135
bson prior to 0.8 incorrectly uses int rather than size_t for many variables, parameters, and return values. In particular, the bson_ensure_space() parameter bytesNeeded could have an integer overflow via properly constructed bson input.
Whoopsie Project Whoopsie
Mongodb C Driver
1 Github repository
7.5
CVSSv3
CVE-2017-14227
In MongoDB libbson 1.7.0, the bson_iter_codewscope function in bson-iter.c miscalculates a bson_utf8_validate length argument, which allows remote malicious users to cause a denial of service (heap-based buffer over-read in the bson_utf8_validate function in bson-utf8.c), as demo...
Mongodb Mongodb 1.7.0
8.1
CVSSv3
CVE-2018-16790
_bson_iter_next_internal in bson-iter.c in libbson 1.12.0, as used in MongoDB mongo-c-driver and other products, has a heap-based buffer over-read via a crafted bson buffer.
Mongodb Libbson 1.12.0
NA
CVE-2024-26658
In the Linux kernel, the following vulnerability has been resolved: bcachefs: grab s_umount only if snapshotting When I was testing mongodb over bcachefs with compression, there is a lockdep warning when snapshotting mongodb data volume. $ cat test.sh prog=bcachefs $prog subvolum...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started