15 matches found
Security Bulletin: Vulnerabilities in Linux Kernel, MongoDB and Tomcat affect IBM Spectrum Protect Plus
Summary IBM Spectrum Protect Plus can be affected by vulnerabilities in MongoDB, Tomcat and Linux. Vulnerabilities include obtaining sensitive information, causing a denial of service condition, the elevation of privileges, remote execution of arbitrary code and bypassing security restrictions, a...
MongoDB Server 安全漏洞
MongoDB Server is an open-source NoSQL database developed by MongoDB, a US-based company. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. Vulnerabilities exist in versions of MongoDB Server prior to v8.2 8.2.2, v8.0...
Security Bulletin: Vulnerabilities in MongoDB, Python, Node.js, Golang Go, Linux kernel affect IBM Spectrum Protect Plus
Summary IBM Spectrum Protect Plus can be affected by vulnerabilities in MongoDB, Python, Node.js, Golang Go and Linux. Vulnerabilities include obtaining sensitive information, causing a denial of service condition, the elevation of privileges, query parameter smuggling, remote execution of...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : MongoDB vulnerabilities (USN-8064-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8064-1 advisory. Eliot Horowitz discovered that MongoDB may fail to validate some instances of malformed BSON. A remote attacker could possibly use this...
CLEANSTART-2026-DT95939 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the mongodb package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CLEANSTART-2026-AT88149 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the mongodb package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
EUVD-2019-11455
Malware in sbrugna...
Security Bulletin: Vulnerabilities in Node.js, Angular.js, Golang Go, Java, MongoDB, Linux kernel may affect IBM Spectrum Protect Plus
Summary IBM Spectrum Protect Plus can be affected by vulnerabilities in Node.js, Angular.js, Golang Go, Java, MongoDB Linux. Vulnerabilities include obtaining sensitive information, causing a denial of service condition, remote execution of arbitrary code on the system, and bypassing security...
ROS-20250505-09
Vulnerability of SSLManagerOpenSSL class of MongoDB database management system is related to lack of certificate revocation check. certificate revocation verification. Exploitation of the vulnerability could allow an attacker acting remotely, bypass security restrictions A vulnerability in the...
ROS-20250505-07
Vulnerability of SSLManagerOpenSSL class of MongoDB database management system is related to lack of certificate revocation check. certificate revocation verification. Exploitation of the vulnerability could allow an attacker acting remotely, bypass security restrictions A vulnerability in the...
ROS-20250505-08
Vulnerability of SSLManagerOpenSSL class of MongoDB database management system is related to lack of certificate revocation check. certificate revocation verification. Exploitation of the vulnerability could allow an attacker acting remotely, bypass security restrictions A vulnerability in the...
MongoDB -- Malformed wire protocol messages may cause mongos to crash
[email protected] reports: Specifically crafted MongoDB wire protocol messages can cause mongos to crash during command validation. This can occur without using an authenticated connection. This issue affects MongoDB v5.0 versions prior to 5.0.31, MongoDB v6.0 versions prior to6.0.20 and MongoDB v7...
PT-2025-11579
Name of the Vulnerable Software and Affected Versions libbson versions prior to 1.27.5 MongoDB Server v8.0 versions prior to 8.0.1 MongoDB Server v7.0 versions prior to 7.0.16 Description The various bson append functions in the MongoDB C driver library may be susceptible to buffer overflow when...
Security Bulletin: IBM Cloud Private is vulnerable to MongoDB vulnerabilities (CVE-2020-7926, CVE-2020-7925, CVE-2020-7928)
Summary IBM Cloud Private is vulnerable to MongoDB vulnerabilities Vulnerability Details CVEID: CVE-2020-7926 DESCRIPTION: MongoDB Server is vulnerable to a denial of service. By sending specially-crafted queries, a remote authenticated attacker could exploit this vulnerability to cause the syste...
Vulnerabilities fixed in MongoDB
Several vulnerabilities have been fixed in different versions of MongoDB. An unauthenticated malicious person with network access to the MongoDB server could potentially exploit the vulnerabilities to cause a denial-of-service. In addition, the vulnerabilities could potentially be exploited by an...