20 matches found
Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps
Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for AIOps version 4.11.1 Vulnerability Details CVEID:CVE-2025-8129 DESCRIPTION: A vulnerability, which was classified as problematic, was found in KoaJS Koa up to 3.0.0. Affected is the function back in the library lib/response.js o...
FreeBSD : mongodb -- Malformed $group Query May Cause MongoDB Server to Crash (a5395e02-a2ca-11f0-8402-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a5395e02-a2ca-11f0-8402-b42e991fc52e advisory. [email protected] reports: An authorized user can cause a crash in the MongoDB Server through a specially...
EUVD-2025-27034
Malicious code in bioql PyPI...
EUVD-2023-1125
Malicious code in bioql PyPI...
BIT-MONGODB-2025-10061 Malformed $group Query May Cause MongoDB Server to Crash
An authorized user can cause a crash in the MongoDB Server through a specially crafted $group query. This vulnerability is related to the incorrect handling of certain accumulator functions when additional parameters are specified within the $group operation. This vulnerability could lead to deni...
MongoDB 6.0.x < 6.0.25 / 7.0.x < 7.0.22 / 8.0.x < 8.0.12 / 8.1.x < 8.1.2 (SERVER-99616)
The version of MongoDB installed on the remote host is 6.0 prior to 6.0.25, 7.0 prior to 7.0.22, 8.0 prior to 8.0.12 and 8.1 prior to 8.1.2. It is, therefore, affected by a vulnerability as referenced in the SERVER-99616 advisory. - An authorized user can cause a crash in the MongoDB Server throu...
Linux Distros Unpatched Vulnerability : CVE-2025-10061
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authorized user can cause a crash in the MongoDB Server through a specially crafted $group query. This vulnerability is related to the incorrect handling of...
CVE-2025-10061
An authorized user can cause a crash in the MongoDB Server through a specially crafted $group query. This vulnerability is related to the incorrect handling of certain accumulator functions when additional parameters are specified within the $group operation. This vulnerability could lead to deni...
CVE-2025-10061
An authorized user can cause a crash in the MongoDB Server through a specially crafted $group query. This vulnerability is related to the incorrect handling of certain accumulator functions when additional parameters are specified within the $group operation. This vulnerability could lead to deni...
CVE-2025-10061
An authorized user can cause a crash in the MongoDB Server through a specially crafted $group query. This vulnerability is related to the incorrect handling of certain accumulator functions when additional parameters are specified within the $group operation. This vulnerability could lead to deni...
UBUNTU-CVE-2025-10061
An authorized user can cause a crash in the MongoDB Server through a specially crafted $group query. This vulnerability is related to the incorrect handling of certain accumulator functions when additional parameters are specified within the $group operation. This vulnerability could lead to deni...
CVE-2025-10061 Malformed $group Query May Cause MongoDB Server to Crash
An authorized user can cause a crash in the MongoDB Server through a specially crafted $group query. This vulnerability is related to the incorrect handling of certain accumulator functions when additional parameters are specified within the $group operation. This vulnerability could lead to deni...
CVE-2025-10061 Malformed $group Query May Cause MongoDB Server to Crash
An authorized user can cause a crash in the MongoDB Server through a specially crafted $group query. This vulnerability is related to the incorrect handling of certain accumulator functions when additional parameters are specified within the $group operation. This vulnerability could lead to deni...
Malformed $group Query May Cause MongoDB Server to Crash
An authorized user can cause a crash in the MongoDB Server through a specially crafted $group query. This vulnerability is related to the incorrect handling of certain accumulator functions when additional parameters are specified within the $group operation. This vulnerability could lead to deni...
CVE-2025-10061
CVE-2025-10061 : An authorized user can crash the MongoDB Server via a specially crafted $group query. The issue arises from incorrect handling of certain accumulator functions when extra parameters are used in $group, potentially causing a denial of service if triggered repeatedly. Affected Mong...
mongodb -- Malformed $group Query May Cause MongoDB Server to Crash
[email protected] reports: An authorized user can cause a crash in the MongoDB Server through a specially crafted $group query. This vulnerability is related to the incorrect handling of certain accumulator functions when additional parameters are specified within the $group operation. This...
PT-2025-36331
Name of the Vulnerable Software and Affected Versions: MongoDB Server versions prior to 6.0.25 MongoDB Server versions prior to 7.0.22 MongoDB Server versions prior to 8.0.12 MongoDB Server versions prior to 8.1.2 Description: An authorized user can cause a crash in the MongoDB Server through a...
Update Rollup 13 for System Center 2012 R2 Operations Manager
Update Rollup 13 for System Center 2012 R2 Operations Manager Introduction This article describes the issues that are fixed in Update Rollup 13 for Microsoft System Center 2012 R2 Operations Manager. This article also contains the installation instructions for this update. Issues that are fixed...
CVE-2019-11363
A SQL injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to execute arbitrary SQL commands via the AgentConsole/UserGroupQuery.php ShowUser parameter...
Buffer Overflow in version .14
IC Radius version .14, and possibly earlier versions, contain a buffer overflow that occurs when trying to authenticate with a valid username longer than 24 characters. The culprit is in mysql.c, in the function sqlgetvpdata. This function is normally run 4 times during authentication. The second...