Vulnerabilidades em MongoDB Inc.
53 resultadosCVE-2020-7927HIGHPotential privilege escalation in Ops Manager APIEPSS 1.0%CVE-2021-32036MEDIUMDenial of Service and Data Integrity vulnerability in features commandEPSS 1.0%CVE-2019-2390HIGHCode execution on Windows via OpenSSL engine injectionEPSS 1.0%CVE-2018-25004MEDIUMInvariant failure when explaining a find with a UUIDEPSS 1.0%CVE-2019-2388MEDIUMPotential exposure of log information in Ops ManagerEPSS 1.0%CVE-2021-20329MEDIUMSpecific cstrings input may not be properly validated in the Go DriverEPSS 1.0%CVE-2021-20326MEDIUMSpecially crafted query may result in a denial of service of mongodEPSS 0.9%CVE-2019-2391MEDIUMJS-bson may incorrectly serialise some requestsEPSS 0.9%CVE-2023-0342LOWMongoDB Ops Manager may disclose sensitive information in Diagnostic ArchiveEPSS 0.9%CVE-2022-24272MEDIUMMongoDB Server (mongod) may crash in response to unexpected requestsEPSS 0.8%CVE-2020-7924MEDIUMSpecific command line parameter might result in accepting invalid certificateEPSS 0.7%CVE-2020-7922MEDIUMKubernetes Operator generates potentially insecure certificatesEPSS 0.7%CVE-2020-7921MEDIUMAdministrative action may disable enforcement of per-user IP whitelistingEPSS 0.7%CVE-2021-20331MEDIUMMongoDB C# Driver may publish events containing authentication-related data to a command listener configured by an applicationEPSS 0.6%CVE-2023-4009HIGHPrivilege Escalation for Project Owner and Project User Admin Roles in Ops ManagerEPSS 0.6%CVE-2021-20328MEDIUMMongoDB Java driver client-side field level encryption not verifying KMS host nameEPSS 0.4%CVE-2025-12657MEDIUMMalformed KMIP response may result in access violationEPSS 0.3%CVE-2026-6811MEDIUMPHP Stack ExhaustionEPSS 0.3%CVE-2021-20332MEDIUMMongoDB Rust Driver may publish events containing authentication-related data to a connection pool event listener configured by an applicationEPSS 0.3%CVE-2019-2389MEDIUMProcess termination via PID file manipulationEPSS 0.3%