Lucene search
K

31 matches found

CNNVD
CNNVD
added 2025/10/17 12:0 a.m.8 views

DataEase 代码问题漏洞

DataEase is a set of Java-based development of open source data visualization and analysis tools to help users quickly analyze data and insight into business trends , so as to achieve business improvement and optimization . A code injection vulnerability exists in DataEase DB2/MongoDB JDBC...

8.2CVSS8AI score0.00393EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/03/12 12:0 a.m.4 views

Apache NiFi 安全漏洞

Apache NiFi is a data processing and distribution system from the Apache USA Foundation. The system is primarily used for data routing, transformation, and system brokering logic. A security vulnerability exists in Apache NiFi versions 1.13.0 through 2.2.0, which stems from the possibility that...

6.9CVSS9.1AI score0.01135EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/09/11 12:0 a.m.16 views

PT-2024-7097 · Cisco · Cisco Routed Pon Controller +1

Name of the Vulnerable Software and Affected Versions: Cisco Routed PON Controller Software affected versions not specified Description: The issue exists due to insufficient validation of arguments passed to specific configuration commands, allowing an authenticated, remote attacker with...

9CVSS8.4AI score0.01098EPSS
Exploits0References9
CNNVD
CNNVD
added 2023/09/27 12:0 a.m.23 views

Jumpserver Code Injection Vulnerability

Jumpserver is an open source bastion machine from Hangzhou Feizhiyun Information Technology Co. in China. JumpServer suffers from a code injection vulnerability that originates from an authenticated user who can execute arbitrary commands using a vulnerability in a MongoDB session, leading to...

9.9CVSS8.6AI score0.01716EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:35 a.m.5 views

SUSE CVE-2013-4650

MongoDB 2.4.x before 2.4.5 and 2.5.x before 2.5.1 allows remote authenticated users to obtain internal system privileges by leveraging a username of system in an arbitrary database...

6.5CVSS7.8AI score0.01653EPSS
Exploits2References3
CNNVD
CNNVD
added 2022/09/23 12:0 a.m.4 views

Rocket.Chat 信息泄露漏洞

Rocket.Chat is an open source team chat software. Rocket.Chat suffers from an information disclosure vulnerability that stems from the actionLinkHandler method allowing message ID enumeration using a Regex MongoDB query. An attacker can exploit the vulnerability to obtain sensitive information...

4.3CVSS6.1AI score0.00673EPSS
Exploits1References2
GithubExploit
GithubExploit
added 2022/07/13 2:7 p.m.10 views

Exploit for Expression Language Injection in Vmware Spring_Data_Mongodb

Springcve-2022-22980 spring data mongodb remote code executio...

9.8CVSS9AI score0.16903EPSS
Exploits3
Positive Technologies
Positive Technologies
added 2022/06/01 12:0 a.m.4 views

PT-2022-4943 · Unknown · Rocket.Chat

Name of the Vulnerable Software and Affected Versions: Rocket.Chat versions prior to 5 Rocket.Chat versions prior to 4.8.2 Rocket.Chat versions prior to 4.7.5 Description: An information disclosure issue exists due to insufficient input validation in the actionLinkHandler method, allowing Message...

4.3CVSS4.2AI score0.00673EPSS
Exploits1References7
CNNVD
CNNVD
added 2020/12/11 12:0 a.m.8 views

Mquery Security Vulnerability

Aheckmann Mquery is a Javascript-based codebase for efficiently generating Mongdb query statements from the individual developer Aheckmann. A security vulnerability exists in mquery lib/utils.js versions prior to 3.2.3, which allows contamination attacks because a special attribute e.g. proto can...

5.3CVSS6AI score0.01028EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2019/11/01 12:0 a.m.5 views

PT-2019-6829 · Red Hat · Openshift

Name of the Vulnerable Software and Affected Versions: OpenShift affected versions not specified Description: The issue is related to the improper creation of files in /tmp by the dump.sh script in the cartridges/openshift-origin-cartridge-mongodb-2.2/info/bin directory of OpenShift...

7.5CVSS7AI score0.00813EPSS
Exploits0References2
CNVD
CNVD
added 2015/03/09 12:0 a.m.3 views

PHPMoAdmin 'moadmin.php' Remote Code Execution Vulnerability

phpMoAdmin is a PHP development in the MongoDB management tools , can be used to create , delete and modify databases and indexes , provide views and data search tools , provide database startup time and memory statistics , support JSON. A remote code execution vulnerability exists in PHPMoAdmin...

8.5AI score
Exploits0References1
Rows per page
Query Builder