Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2025/10/14 6:37 p.m.7 views

CVE-2025-11695

When tlsInsecure=False appears in a connection string, certificate validation is disabled. This vulnerability affects MongoDB Rust Driver versions prior to v3.2.5 Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Securi...

8CVSS6.3AI score0.00161EPSS
Exploits0References5
OSV
OSV
added 2025/10/13 6:31 p.m.7 views

GHSA-3P6W-GV5G-XJW9 MongoDB Rust Driver has certificate validation disabled when `tlsInsecure=False` appears in connection string

When tlsInsecure=False appears in a connection string, certificate validation is disabled. This vulnerability affects MongoDB Rust Driver versions prior to v3.2.5...

8CVSS6.8AI score0.00161EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2025/10/13 6:31 p.m.18 views

MongoDB Rust Driver has certificate validation disabled when `tlsInsecure=False` appears in connection string

When tlsInsecure=False appears in a connection string, certificate validation is disabled. This vulnerability affects MongoDB Rust Driver versions prior to v3.2.5...

8CVSS6.8AI score0.00161EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2025/10/13 4:22 p.m.10 views

CVE-2025-11695 Configuration may unexpectedly disable certificate validation

When tlsInsecure=False appears in a connection string, certificate validation is disabled. This vulnerability affects MongoDB Rust Driver versions prior to v3.2.5...

8CVSS0.00161EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/13 12:0 a.m.7 views

PT-2025-41792

Name of the Vulnerable Software and Affected Versions MongoDB Rust Driver versions prior to 3.2.5 Description The MongoDB Rust Driver is affected by an issue where setting tlsInsecure=False in a connection string disables certificate validation. Normally, this parameter should enforce strict TLS...

8CVSS6.4AI score0.00161EPSS
Exploits0References14
CNNVD
CNNVD
added 2025/10/13 12:0 a.m.5 views

MongoDB Rust Driver 安全漏洞

MongoDB Rust Driver is a MongoDB open source client library that allows Rust programs to connect to MongoDB databases. A security vulnerability exists in MongoDB Rust Driver versions prior to v3.2.5 that stems from disabling certificate validation, which could lead to a man-in-the-middle attack...

8CVSS6.3AI score0.00161EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.6 views

PT-2025-33894

Name of the Vulnerable Software and Affected Versions: Redirection for Contact Form 7 plugin for WordPress versions up to and including 3.2.4 Description: The Redirection for Contact Form 7 plugin for WordPress is vulnerable to PHP Object Injection via deserialization of untrusted input in the ge...

8.8CVSS7.1AI score0.00483EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/05/03 12:0 a.m.3 views

PT-2024-25686 · Kurwov · Kurwov

Name of the Vulnerable Software and Affected Versions: kurwov versions prior to 3.2.5 Description: The issue arises from an unsafe sanitization of dataset contents on the MarkovDatagetNext method used in Markovgenerate and Markovchoose. This allows a maliciously crafted string on the dataset to...

6.2CVSS7.3AI score0.00299EPSS
Exploits0References9
OSV
OSV
added 2019/09/17 9:15 p.m.1 views

DEBIAN-CVE-2019-16392

SPIP before 3.1.11 and 3.2 before 3.2.5 allows prive/formulaires/login.php XSS via error messages...

6.1CVSS6.8AI score0.0116EPSS
Exploits0References1
CNVD
CNVD
added 2019/09/17 12:0 a.m.1 views

SPIP Input Validation Error Vulnerability

SPIP is a Web-based content publishing system. The system is primarily used for online collaboration. An input validation error vulnerability exists in SPIP versions prior to 3.1.11 and 3.2.2 prior to 3.2.5, which arises from a web-based system or product that does not properly validate incoming...

6.1CVSS8.8AI score0.011EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/09/17 12:0 a.m.3 views

PT-2019-4105 · Spip +1 · Spip +1

Name of the Vulnerable Software and Affected Versions: SPIP versions prior to 3.1.11 SPIP versions 3.2 prior to 3.2.5 Description: The issue is related to the lack of protection of the web page structure in the SPIP content management system. This can be exploited by a remote attacker to compromi...

8.8CVSS5.8AI score0.07538EPSS
Exploits2References40
CNVD
CNVD
added 2017/03/30 12:0 a.m.2 views

Revive Adserver Elevation of Privilege Vulnerability

Revive Adserver is an open source advertising management system from the Revive Adserver team. The system provides ad placement, ad space management, data statistics and other functions. A security vulnerability exists in Revive Adserver versions prior to 3.2.5 and 4.0.0, which stems from the...

3.1CVSS5AI score0.01367EPSS
Exploits0References1
Rows per page
Query Builder