Vulnerabilities > Couchbase

DATE CVE VULNERABILITY TITLE RISK
2021-09-29 CVE-2021-35943 Incorrect Authorization vulnerability in Couchbase Server
Couchbase Server 6.5.x and 6.6.x through 6.6.2 has Incorrect Access Control.
network
low complexity
couchbase CWE-863
7.5
2021-09-29 CVE-2021-35944 Classic Buffer Overflow vulnerability in Couchbase Server
Couchbase Server 6.5.x, 6.6.x through 6.6.2, and 7.0.0 has a Buffer Overflow.
network
low complexity
couchbase CWE-120
5.0
2021-09-29 CVE-2021-35945 Classic Buffer Overflow vulnerability in Couchbase Server
Couchbase Server 6.5.x, 6.6.0 through 6.6.2, and 7.0.0, has a Buffer Overflow.
network
low complexity
couchbase CWE-120
5.0
2021-05-26 CVE-2021-25643 Cleartext Transmission of Sensitive Information vulnerability in Couchbase Server
An issue was discovered in Couchbase Server 5.x and 6.x before 6.5.2 and 6.6.x before 6.6.2.
network
low complexity
couchbase CWE-319
4.0
2021-05-19 CVE-2021-27924 Cleartext Transmission of Sensitive Information vulnerability in Couchbase Server
An issue was discovered in Couchbase Server 6.x through 6.6.1.
network
couchbase CWE-319
4.3
2021-05-19 CVE-2021-25644 Cleartext Storage of Sensitive Information vulnerability in Couchbase Server
An issue was discovered in Couchbase Server 5.x and 6.x through 6.6.1 and 7.0.0 Beta.
network
low complexity
couchbase CWE-312
5.0
2021-05-19 CVE-2021-27925 Cleartext Transmission of Sensitive Information vulnerability in Couchbase Server
An issue was discovered in Couchbase Server 6.5.x and 6.6.x through 6.6.1.
network
couchbase CWE-319
3.5
2021-05-19 CVE-2021-31158 Incorrect Authorization vulnerability in Couchbase Server
In the Query Engine in Couchbase Server 6.5.x and 6.6.x through 6.6.1, Common Table Expression queries were not correctly checking the user's permissions, allowing read-access to resources beyond what those users were explicitly allowed to access.
network
low complexity
couchbase CWE-863
4.0
2021-05-10 CVE-2021-25645 Cleartext Storage of Sensitive Information vulnerability in Couchbase Server
An issue was discovered in Couchbase Server before 6.0.5, 6.1.x through 6.5.x before 6.5.2, and 6.6.x before 6.6.1.
local
low complexity
couchbase CWE-312
2.1
2020-11-12 CVE-2020-24719 OS Command Injection vulnerability in Couchbase Server 6.5.1
Exposed Erlang Cookie could lead to Remote Command Execution (RCE) attack.
network
low complexity
couchbase CWE-78
critical
10.0