680 matches found
CVE-2021-32040 Large aggregation pipelines with a specific stage can crash mongod under default configuration
It may be possible to have an extremely long aggregation pipeline in conjunction with a specific stage/operator and cause a stack overflow due to the size of the stack frames used by that stage. If an attacker could cause such an aggregation to occur, they could maliciously crash MongoDB in a DoS...
CVE-2021-32040
CVE-2021-32040 affects MongoDB Server, where an extremely long aggregation pipeline combined with a specific stage/operator can cause a stack overflow and crash the server (a DoS condition). Affected releases include MongoDB Server v4.4 up to 4.4.28, v5.0 up to 5.0.4, and v4.2 up to 4.2.16. The r...
CVE-2021-32040
Removed by vendor...
SQL Injection
com.yahoo.elide:elide-datastore-aggregation is vulnerable to SQL Injection attacks. A specifically crafted query statement through a parameterized TEXT column allows a malicious user to inject and execute arbitrary SQL queries via the ValueType enum...
PT-2022-10064 · Mongodb +1 · Mongodb Server +2
Name of the Vulnerable Software and Affected Versions: MongoDB Server versions prior to 4.2.16; MongoDB Server versions 4.4 prior to and including 4.4.28; MongoDB Server versions 5.0 prior to 5.0.4. Description: It may be possible to have an extremely long aggregation pipeline in conjunction with a...
Large aggregation pipelines with a specific stage can crash mongod under default configuration
It may be possible to have an extremely long aggregation pipeline in conjunction with a specific stage/operator and cause a stack overflow due to the size of the stack frames used by that stage. If an attacker could cause such an aggregation to occur, they could maliciously crash MongoDB in a DoS...
CVE-2022-24827 SQL Injection in elide-datastore-aggregation
Elide is a Java library that lets you stand up a GraphQL/JSON-API web service with minimal effort. When leveraging the following together: Elide Aggregation Data Store for Analytic Queries, Parameterized Columns (a column that requires a client provided parameter), and a parameterized column of typ...
GHSA-8XPJ-9J9G-FC9R SQL Injection in elide-datastore-aggregation
Impact: When leveraging the following together: - Elide Aggregation Data Store for Analytic Queries - Parameterized Columns (a column that requires a client provided parameter) - A parameterized column of type TEXT. There is the potential for a hacker to provide a carefully crafted query that would...
SQL Injection in elide-datastore-aggregation
Impact: When leveraging the following together: - Elide Aggregation Data Store for Analytic Queries - Parameterized Columns (a column that requires a client provided parameter) - A parameterized column of type TEXT. There is the potential for a hacker to provide a carefully crafted query that would...
com.yahoo.elide:elide-spring-boot-starter (=6.1.3), com.yahoo.elide:elide-standalone (=6.1.3) potentially affected by CVE-2022-24827 via com.yahoo.elide:elide-datastore-aggregation (=6.1.3)
com.yahoo.elide:elide-datastore-aggregation MAVEN version =6.1.3 is affected by a known vulnerability. The following packages have a transitive dependency on com.yahoo.elide:elide-datastore-aggregation and may be impacted: - com.yahoo.elide:elide-spring-boot-starter =6.1.3 -...
FreeBSD-kernel -- Multiple WiFi issues
Problem Description: The paper "Fragment and Forge: Breaking Wi-Fi Through Frame Aggregation and Fragmentation" reported a number of security vulnerabilities in the 802.11 specification related to frame aggregation and fragmentation. Additionally, FreeBSD 12.x missed length validation of SSIDs an...
TWABDelegator allows easy circumvention of whale protection
Lines of code Vulnerability details In a recent interview, PoolTogether co-founder Leighton Cusack said: “Someone who had $1,000 right now into the USDC prize pool would have a 0.01% chance of winning a prize every week. That’s a less than 1% chance of winning a prize a year,” Cusack said. “With...
The Tripod Foundation of a Database Analytics Solution for Today’s Threat Landscape
In the first and second posts in this series, we explained why traditional approaches are no longer viable to take on today’s threat landscape and showed why internally-generated attacks are so difficult to stop. In this post, we’ll identify the critical elements of a highly effective database...
A walk through Project Zero metrics
Posted by Ryan Schoen, Project Zero tl;dr In 2021, vendors took an average of 52 days to fix security vulnerabilities reported from Project Zero. This is a significant acceleration from an average of about 80 days 3 years ago. In addition to the average now being well below the 90-day deadline, w...
ALPINE-CVE-2021-46664
MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL value of aggr...
CVE-2021-46664
MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL value of aggr...
Authentication Bypass
slurm-llnl is vulnerable to authentication bypass. When message aggregation is enabled, an attacker can exploit this vulnerability via an alternate path or channel, while a race condition allows a user to launch a process as an arbitrary user...
Vulnerabilities fixed in Cisco StarOS Software
Cisco has fixed vulnerabilities in StarOS, the operating system of a series of Aggregation Services Routers (ASR). Because the debug mode was misconfigured, a remote malicious party may be able to access sensitive information and may be able to execute arbitrary code under the root privileges of th...
CVE-2022-22154
In a Junos Fusion scenario, an External Control of Critical State Data vulnerability in the Satellite Device (SD) control state machine of Juniper Networks Junos OS allows an attacker who is able to make physical changes to the cabling of the device to cause a denial of service (DoS). An SD can get...