Lucene search
K

7 matches found

CNNVD
CNNVD
added 2025/11/25 12:0 a.m.6 views

MongoDB Server 安全漏洞

MongoDB Server is a set of open source NoSQL databases from the American company MongoDB. The database provides collection-oriented storage, dynamic querying, data replication and automatic failover. A security vulnerability exists in MongoDB Server version v7.0 up to and including version 7.0.26...

6.5CVSS6.2AI score0.00192EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/08/20 4:57 a.m.2 views

CVE-2025-54551

Synapse Mobility 8.0, 8.0.1, 8.0.2, 8.1, and 8.1.1 contain a privilege escalation vulnerability through external control of Web parameter. If exploited, a user of the product may escalate the privilege and access data that the user do not have permission to view by altering the parameters of the...

5.3CVSS7.6AI score0.0023EPSS
Exploits0References2
OSV
OSV
added 2025/08/11 1:53 p.m.12 views

BIT-LIBPHP-2021-21702 Null Dereference in SoapClient

In PHP versions 7.3.x below 7.3.27, 7.4.x below 7.4.15 and 8.0.x below 8.0.2, when using SOAP extension to connect to a SOAP server, a malicious SOAP server could return malformed XML data as a response that would cause PHP to access a null pointer and thus cause a crash...

7.5CVSS7.1AI score0.03179EPSS
Exploits0References8
OSV
OSV
added 2025/06/26 2:7 p.m.4 views

CVE-2025-6709 Pre-Authentication Denial of Service Vulnerability in MongoDB Server's OIDC Authentication

The MongoDB Server is susceptible to a denial of service vulnerability due to improper handling of specific date values in JSON input when using OIDC authentication. This can be reproduced using the mongo shell to send a malicious JSON payload leading to an invariant failure and server crash. Thi...

7.5CVSS6AI score0.00466EPSS
Exploits0References3
OSV
OSV
added 2024/10/01 10:15 a.m.3 views

UBUNTU-CVE-2023-3441

An issue has been discovered in GitLab EE/CE affecting all versions starting from 8.0 before 16.4. The product did not sufficiently warn about security implications of granting merge rights to protected branches...

9.1CVSS5.7AI score0.00554EPSS
Exploits1References6
OSV
OSV
added 2020/11/12 12:15 a.m.3 views

CVE-2020-1999

A vulnerability exists in the Palo Alto Network PAN-OS signature-based threat detection engine that allows an attacker to communicate with devices in the network in a way that is not analyzed for threats by sending data through specifically crafted TCP packets. This technique evades signature-bas...

5.3CVSS6.1AI score0.01321EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2012/05/03 12:0 a.m.6 views

PT-2012-2532 · Cisco · Cisco Asa

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliances ASA 5500 series devices versions 8.0 through 8.4 Description: The issue allows remote attackers to cause a denial of service by triggering a large number of stale connections, resulting in an incorrect value...

7.8CVSS6.7AI score0.01328EPSS
Exploits0References2
Rows per page
Query Builder