CVE-2026-6914 MD5 checksum creation may cause availability loss

Computing the MD5 checksum of a malformed BSON object under specific conditions may cause loss of availability in MongoDB server. This issue affects all MongoDB Server v8.2 versions, all MongoDB Server v8.1 versions, MongoDB Server v8.0 versions prior to 8.0.21, MongoDB Server v7.0 versions prior...

EUVD-2025-199532

Clients may successfully perform a TLS handshake with a MongoDB server despite presenting a client certificate not aligning with the documented Extended Key Usage EKU requirements. A certificate that specifies extendedKeyUsage but is missing extendedKeyUsage = clientAuth may still be successfully...

EUVD-2022-0268

Malicious code in bioql PyPI...

EUVD-2024-47482

Malicious code in bioql PyPI...

PT-2025-40313

Name of the Vulnerable Software and Affected Versions MarkAny SafePC Enterprise versions 5.x.x and 7.0.0 through 7.0.1 Description An attacker can obtain server information using a Path Traversal flaw, potentially leading to SQL Injection. This also involves a possible Unrestricted Upload of File...

CVE-2019-16677

An issue was discovered in idreamsoft iCMS V7.0. admincp.php?app=members=del allows CSRF...

CVE-2025-3082

A user authorized to access a view may be able to alter the intended collation, allowing them to access to a different or unintended view of underlying data. This issue affects MongoDB Server v5.0 version prior to 5.0.31, MongoDB Server v6.0 version prior to 6.0.20, MongoDB Server v7.0 version...

CVE-2024-36615

FFmpeg n7.0 has a race condition vulnerability in the VP9 decoder. This could lead to a data race if video encoding parameters were being exported, as the side data would be attached in the decoder thread while being read in the output thread...

BIT-VALKEY-2022-33105

Redis v7.0 was discovered to contain a memory leak via the component streamGetEdgeID...

BIT-KEYDB-2022-33105

Redis v7.0 was discovered to contain a memory leak via the component streamGetEdgeID...

CVE-2024-3372

Improper validation of certain metadata input may result in the server not correctly serialising BSON. This can be performed pre-authentication and may cause unexpected application behavior including unavailability of serverStatus responses. This issue affects MongoDB Server v7.0 versions prior t...

MongoDB Server may have unexpected application behaviour due to invalid BSON

Improper validation of certain metadata input may result in the server not correctly serialising BSON. This can be performed pre-authentication and may cause unexpected application behavior including unavailability of serverStatus responses. This issue affects MongoDB Server v7.0 versions prior t...

CVE-2024-3372

CVE-2024-3372 : MongoDB servers are affected by improper validation of certain metadata input that may cause the server to mis-serialize BSON. The issue can be exploited pre-authentication and may lead to unexpected application behavior, including unavailability of serverStatus responses. Affecte...

CVE-2024-22526

Buffer Overflow vulnerability in bandisoft bandiview v7.0, allows local attackers to cause a denial of service DoS via exr image file...

BIT-REDIS-2022-33105

Redis v7.0 was discovered to contain a memory leak via the component streamGetEdgeID...

CVE-2024-24291

An issue in the component /member/index/login of yzmcms v7.0 allows attackers to direct users to malicious sites via a crafted URL...

CVE-2024-24291

An issue in the component /member/index/login of yzmcms v7.0 allows attackers to direct users to malicious sites via a crafted URL...

CVE-2024-24291

An issue in the component /member/index/login of yzmcms v7.0 allows attackers to direct users to malicious sites via a crafted URL...

CVE-2024-24291

CVE-2024-24291 affects yzmcms v7.0, impacting the /member/index/login component. A crafted URL can redirect users to malicious sites. The CVSS v3.1 score is 6.1 (Medium) with user interaction required and no confirmed patch version in the provided sources. Some references note no available fix ye...

CVE-2023-46535

TP-LINK TL-WR886N V7.03.0.14Build221115Rel.56908n.bin was discovered to contain a stack overflow via the function getResetVeriRegister...