MongoDB Latest High & Critical Vulnerabilities
Latest High & Critical vulnerabilities published by mongodb
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Local Privilege Escalation Vulnerability Affects MongoDB Servers
CVE-2024-7553MongoDBMongodb7.8HIGHMongoDB Compass Vulnerable to Code Injection Due to Sandbox Protection Settings
CVE-2024-6376MongoDBMongodb Compassπ°9.8CRITICALMongoDB Server Vulnerability: Improper Metadata Validation May Cause Server Unavailability
CVE-2024-3372MongoDBMongodb Server7.5HIGHTLS Certificate Validation Bypass Vulnerability Affects MongoDB Server Versions Prior to 7.0.5, 6.0.13, 5.0.24, and 4.4.28
CVE-2024-1351MongoDBMongodb Server8.8HIGHMongoDB client C Driver may infinitely loop when validating certain BSON input data
CVE-2023-0437MongoDBMongodb C Driver7.5HIGHSecret logging may occur in debug mode of Atlas Operator
CVE-2023-0436MongoDBMongoDB Atlas Kubernet...7.5HIGHSome MongoDB Drivers may publish events containing authentication-related data to a command listener configured by an application
CVE-2021-32050MongoDBMongodb C Driver7.5HIGHCertificate validation issue in MongoDB Server running on Windows or macOS
CVE-2023-1409MongoDBMongodb Server7.5HIGHPrivilege Escalation for Project Owner and Project User Admin Roles in Ops Manager
CVE-2023-4009MongoDBMongodb Ops Manager7.2HIGHLarge aggregation pipelines with a specific stage can crash mongod under default configuration
CVE-2021-32040MongoDBMongodb Server7.5HIGHDenial of service via malformed network packet
CVE-2019-20925MongoDBMongodb Server7.5HIGHDenial of Service when processing malformed Role names
CVE-2020-7925MongoDBMongodb Server7.5HIGHDeserialization Vulnerability in BSON Package Affecting Multiple Applications
CVE-2020-7610MongodbBson9.8CRITICALDenial of Service Vulnerability in MongoDB BSON Ruby by Moped
CVE-2015-4411MongodbBson7.5HIGHImproper File Creation Vulnerability in OpenShift MongoDB Cartridge
CVE-2013-0165Openshift Mongodb...Openshift Mongodb Cart...7.3HIGHCode execution on Windows via OpenSSL engine injection
CVE-2019-2390MongoDBMongodb Server8.2HIGHAuthorization session conflation
CVE-2019-2386MongoDBMongodb Server7.1HIGHAuthentication bypass when using LDAP authentication in MongoDB Enterprise Server
CVE-2015-7882MongodbMongodb8.1HIGH- CVE-2018-16790MongodbLibbson8.1HIGH
- CVE-2018-13863MongodbJs-bson7.5HIGH
- CVE-2017-15535MongodbMongodb9.1CRITICAL
- CVE-2017-14227MongodbMongodb7.5HIGH
- CVE-2016-3104MongodbMongodb7.5HIGH
7 August 2024
1 July 2024
14 May 2024
7 March 2024
12 January 2024
7 November 2023
29 August 2023
23 August 2023
8 August 2023
12 April 2022
24 November 2020
23 November 2020
30 March 2020
20 February 2020
1 November 2019
30 August 2019
6 August 2019
19 July 2019
10 September 2018
10 July 2018
1 November 2017
9 September 2017
14 April 2017
No more vulnerabilities to load.