Vulnerabilities > Couchbase > Couchbase Server > 4.6.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-13 | CVE-2022-32560 | Missing Authorization vulnerability in Couchbase Server An issue was discovered in Couchbase Server before 7.0.4. | 7.5 |
| 2022-06-13 | CVE-2022-32564 | Unspecified vulnerability in Couchbase Server An issue was discovered in Couchbase Server before 7.0.4. | 7.5 |
| 2022-06-02 | CVE-2021-33504 | Unspecified vulnerability in Couchbase Server Couchbase Server before 7.1.0 has Incorrect Access Control. | 4.9 |
| 2021-09-29 | CVE-2021-35945 | Classic Buffer Overflow vulnerability in Couchbase Server Couchbase Server 6.5.x, 6.6.0 through 6.6.2, and 7.0.0, has a Buffer Overflow. | 7.5 |
| 2021-05-10 | CVE-2021-25645 | Cleartext Storage of Sensitive Information vulnerability in Couchbase Server An issue was discovered in Couchbase Server before 6.0.5, 6.1.x through 6.5.x before 6.5.2, and 6.6.x before 6.6.1. | 4.4 |
| 2020-02-22 | CVE-2020-9039 | Incorrect Default Permissions vulnerability in Couchbase Server Couchbase Server 4.0.0, 4.1.0, 4.1.1, 4.5.0, 4.5.1, 4.6.0 through 4.6.5, 5.0.0, 5.1.1, 5.5.0 and 5.5.1 have Insecure Permissions for the projector and indexer REST endpoints (they allow unauthenticated access).The /settings REST endpoint exposed by the projector process is an endpoint that administrators can use for various tasks such as updating configuration and collecting performance profiles. | 9.8 |
| 2019-09-10 | CVE-2019-11496 | Missing Authentication for Critical Function vulnerability in Couchbase Server In versions of Couchbase Server prior to 5.0, the bucket named "default" was a special bucket that allowed read and write access without authentication. | 9.1 |