Lucene search
K

403 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/05/11 6:22 p.m.11 views

Security Bulletin: MongoDB Enterprised Advanced affected by: XML External Entity (XXE) vulnerability (CVE-2026-24400)

Summary There are vulnerabilities in assertj-core-3.27.6.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2026-24400. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2026-24400 DESCRIPTION: AssertJ provides Fluent testing assertions for Java and the Java Virtu...

9.1CVSS7.2AI score0.00542EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/11 6:16 p.m.7 views

Security Bulletin: MongoDB Enterprised Advanced affected by: Improper Input Validation vulnerability (CVE-2025-15284, CVE-2026-2391)

Summary There are vulnerabilities in qs-6.14.0.tgz, qs-6.14.1.tgz used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-15284, CVE-2026-2391. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-15284 DESCRIPTION: Improper Input Validation vulnerability in qs...

7.5CVSS6.8AI score0.00478EPSS
Exploits2Affected Software1
Snyk
Snyk
added 2026/05/06 5:27 p.m.12 views

Buffer Overflow

Overview Affected versions of this package are vulnerable to Buffer Overflow via unsafe string copying in the canonicalization process. An attacker can execute arbitrary code or cause a denial of service by supplying a specially crafted username in the MongoDB URI with authMechanism=GSSAPI before...

8.6CVSS6.2AI score0.00126EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.11 views

PT-2026-35924

Cockpit v2.13.5 and earlier is vulnerable to arbitrary code execution via the filter parameter within multiple endpoints. This vulnerability allows an attacker to run system commands on the underlying infrastructure via the MongoLite $func operator...

6.2AI score0.00426EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/29 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-6691

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The MongoDB C Driver's Cyrus SASL integration performs unsafe string copying during username canonicalization, enabling a heap buffer overflow before any...

8.6CVSS6AI score0.00126EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2026/04/28 12:31 a.m.13 views

ai.ancf.lmos:arc-graphql-spring-boot-starter (>=0.114.0 <=0.120.0), ai.ancf.lmos:arc-memory-mongo-spring-boot-starter (>=0.114.0 <=0.120.0) +4735 more potentially affected by CVE-2026-40973 via org.springframework.boot:spring-boot (>=3.4.0 <=3.4.13)

org.springframework.boot:spring-boot MAVEN version =3.4.0, =0.114.0, =0.114.0, =0.114.0, =0.114.0, =0.5.0, =0.8.0, =1.17.0, =1.17.0, =1.17.0, =0.0.1, =0.0.1, =0.25.7-rc.64, =0.25.7-rc.68 and more Source cves: CVE-2026-40973 Source advisory: OSV:GHSA-WWPQ-F5C3-7HVX...

7CVSS5.7AI score0.00136EPSS
Exploits0
OSV
OSV
added 2026/04/23 3:10 p.m.10 views

JLSEC-2026-181

A mongocbulkoperationt may read invalid memory if large options are passed...

6.9CVSS5.7AI score0.0019EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/15 12:0 a.m.8 views

PT-2026-33173

Name of the Vulnerable Software and Affected Versions ApostropheCMS versions prior to 4.29.0 Description An authorization bypass exists in the REST API of this open-source Node.js content management system. Unauthenticated attackers can extract all distinct field values for any schema field type...

5.3CVSS5.3AI score0.00435EPSS
Exploits1References7
Snyk
Snyk
added 2026/04/13 5:34 p.m.5 views

Improper Check for Unusual or Exceptional Conditions

Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions in the bsonvalidate function. An attacker can cause malformed or invalid UTF-8 sequences to bypass validation and be processed incorrectly by submitting specially crafted BSON data to...

7.5CVSS5.8AI score0.00184EPSS
Exploits0References2
Redos
Redos
added 2026/04/01 12:0 a.m.6 views

ROS-20260401-73-0039

Vulnerability in mongo-c-driver related to buffer copying without checking input data size. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.1CVSS6.1AI score0.00275EPSS
Exploits0
OpenVAS
OpenVAS
added 2026/03/30 12:0 a.m.4 views

Fedora: Security Advisory (FEDORA-2026-cc129df978)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.7CVSS5.9AI score0.00187EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2026/03/30 12:0 a.m.10 views

Fedora: Security Advisory (FEDORA-2026-c5273647fa)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.7CVSS5.9AI score0.00187EPSS
Exploits0References3
Fedora
Fedora
added 2026/03/28 1:6 a.m.6 views

[SECURITY] Fedora 42 Update: mongo-c-driver-1.30.7-2.fc42

mongo-c-driver is a client library written in C for MongoDB...

3.7CVSS5.8AI score0.00187EPSS
Exploits0
Fedora
Fedora
added 2026/03/28 12:46 a.m.9 views

[SECURITY] Fedora 43 Update: mongo-c-driver-1.30.7-2.fc43

mongo-c-driver is a client library written in C for MongoDB...

3.7CVSS5.8AI score0.00187EPSS
Exploits0
Fedora
Fedora
added 2026/03/28 12:19 a.m.6 views

[SECURITY] Fedora 44 Update: mongo-c-driver-1.30.7-2.fc44

mongo-c-driver is a client library written in C for MongoDB...

3.7CVSS5.8AI score0.00187EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/28 12:0 a.m.9 views

Fedora 42 : mongo-c-driver (2026-c5273647fa)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-c5273647fa advisory. - Fix handling in HTTP response parser CVE-2026-4359 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

3.7CVSS6AI score0.00187EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/28 12:0 a.m.5 views

Fedora 43 : mongo-c-driver (2026-cc129df978)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-cc129df978 advisory. - Fix handling in HTTP response parser CVE-2026-4359 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

3.7CVSS6AI score0.00187EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/28 12:0 a.m.4 views

Fedora 44 : mongo-c-driver (2026-508009213f)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-508009213f advisory. - Fix handling in HTTP response parser CVE-2026-4359 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

3.7CVSS6AI score0.00187EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/03/27 11:4 p.m.197 views

websec-payloads

Web Security Payloads & Exploitation Reference Comprehensiv...

5.9AI score
Exploits0
OSV
OSV
added 2026/03/27 2:4 p.m.5 views

OESA-2026-1747 mongo-c-driver security update

mongo-c-driver is a project that includes two libraries: libmongoc, a client library written in C for MongoDB. libbson, a library providing useful routines related to building, parsing, and iterating BSON documents. Security Fixes: A compromised third party cloud server or man-in-the-middle...

3.7CVSS5.9AI score0.00187EPSS
Exploits0References2
Rows per page
Query Builder