477 matches found
CVE-2025-13643 MongoDB Server may allow queries to be terminated by unauthorized users
A user with access to the cluster with a limited set of privilege actions may be able to terminate queries that are being executed by other users. This may cause a denial of service by preventing a fraction of queries from successfully completing. This issue affects MongoDB Server v7.0 versions...
CVE-2025-12893 Improper Certificate Validation May Allow Successful TLS Handshaking Despite Invalid Extended Key Usage Fields in MongoDB Server
Clients may successfully perform a TLS handshake with a MongoDB server despite presenting a client certificate not aligning with the documented Extended Key Usage EKU requirements. A certificate that specifies extendedKeyUsage but is missing extendedKeyUsage = clientAuth may still be successfully...
CVE-2025-12893
CVE-2025-12893 affects MongoDB Server: vulnerable EKU handling allows TLS handshakes when client/server certificates have EKU fields that don’t match documented clientAuth/serverAuth, on Windows/Apple (Linux validation is correct). Impact is limited to specific MongoDB server lines: v7.0 before 7...
CVE-2025-13507
The CVE-2025-13507 entry describes an issue in MongoDB Server: inconsistent object size validation in the time series processing path can cause oversized BSON documents to be processed later, triggering an assertion and process termination. Affected versions are MongoDB Server v7.0 before 7.0.26,...
CVE-2025-13507 Time-series operations may cause internal BSON size limit to be exceed
Inconsistent object size validation in time series processing logic may result in later processing of oversized BSON documents leading to an assert failing and process termination. This issue impacts MongoDB Server v7.0 versions prior to 7.0.26, v8.0 versions prior to 8.0.16 and MongoDB server v8...
MongoDB Server 安全漏洞
MongoDB Server is a set of open source NoSQL databases from the American company MongoDB. The database provides collection-oriented storage, dynamic querying, data replication and automatic failover. A security vulnerability exists in MongoDB Server versions v7.0 through 7.0.26 prior, v8.0 throug...
MongoDB Server 安全漏洞
MongoDB Server is a set of open source NoSQL databases from the American company MongoDB. The database provides collection-oriented storage, dynamic querying, data replication and automatic failover. A security vulnerability exists in MongoDB Server versions 7.0 through 7.0.26 prior, 8.0 through...
MongoDB Server 安全漏洞
MongoDB Server is a set of open source NoSQL databases from the American company MongoDB. The database provides collection-oriented storage, dynamic querying, data replication and automatic failover. A security vulnerability exists in MongoDB Server version v7.0 up to and including version 7.0.26...
Malicious code in mongodb-server-yakutsk-ignite (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57dcaba764b7d0683fc08db311198f703cf88073de862611d3f71439e3a4ded1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-124778
Malicious code in mongodb-server-yakutsk-ignite npm...
MongoDB Server 安全漏洞
MongoDB Server is a set of open source NoSQL databases from the American company MongoDB. The database provides collection-oriented storage, dynamic querying, data replication and automatic failover. A security vulnerability exists in MongoDB Server that stems from an over-tolerance of malformed...
UBUNTU-CVE-2025-11979
An authorized user may crash the MongoDB server by causing buffer over-read. This can be done by issuing a DDL operation while queries are being issued, under some conditions. This issue affects MongoDB Server v7.0 versions prior to 7.0.25, MongoDB Server v8.0 versions prior to 8.0.15, and MongoD...
CVE-2025-11979 Use-after-free in the MongoDB server query planner may lead to crash or undefined behavior
An authorized user may crash the MongoDB server by causing buffer over-read. This can be done by issuing a DDL operation while queries are being issued, under some conditions. This issue affects MongoDB Server v7.0 versions prior to 7.0.25, MongoDB Server v8.0 versions prior to 8.0.15, and MongoD...
Use-after-free in the MongoDB server query planner may lead to crash or undefined behavior
An authorized user may crash the MongoDB server by causing buffer over-read. This can be done by issuing a DDL operation while queries are being issued, under some conditions. This issue affects MongoDB Server v7.0 versions prior to 7.0.25, MongoDB Server v8.0 versions prior to 8.0.15, and MongoD...
MongoDB Server 安全漏洞
MongoDB Server is a set of open source NoSQL databases from the American company MongoDB. The database provides collection-oriented storage, dynamic querying, data replication and automatic failover. A security vulnerability exists in MongoDB Server versions 7.0 up to and including 7.0.25, 8.0 up...
EUVD-2020-28856
Malware in sbrugna...
EUVD-2018-13344
Malware in sbrugna...
EUVD-2020-28858
Malware in sbrugna...
EUVD-2020-28854
Malware in sbrugna...
EUVD-2020-28855
Malware in sbrugna...