5 matches found
CVE-2026-8199 Post-auth memory exhaustion via bitwise match expressions
An authenticated user can cause excess memory usage via bitwise match expression AST processing of $bitsAllSet, $bitsAnySet, $bitsAllClear, and $bitsAnyClear. This contributes to memory pressure and may lead to availability loss by OOM. This issue impacts MongoDB Server v7.0 versions prior to...
Shenzhen Guoxin Synthesis image system security vulnerability
Shenzhen Guoxin Synthesis image system is an image system from Shenzhen Guoxin Synthesis, a company based in Shenzhen, China. A security vulnerability exists in Shenzhen Guoxin Synthesis image system versions prior to 8.3.0, which stems from a default password of 123456Qw...
CVE-2019-17497
Tracker PDF-XChange Editor before 8.0.330.0 has an NTLM SSO hash theft vulnerability using crafted FDF or XFDF files a related issue to CVE-2018-4993. For example, an NTLM hash is sent for a link to \192.168.0.2\C$\file.pdf without user interaction...
CVE-2019-8447
The ServiceExecutor resource in Jira before version 8.3.2 allows remote attackers to trigger the creation of export files via a Cross-site request forgery CSRF vulnerability...
Advantech WebAccess Denial of Service Vulnerability (CNVD-2018-00673)
Advantech WebAccess is a set of HMI/SCADA software from Advantech based on browser architecture. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment. A denial of service vulnerability exists in Advantech...