Vulnerabilities > Couchbase > Couchbase Server
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-29 | CVE-2021-35944 | Classic Buffer Overflow vulnerability in Couchbase Server Couchbase Server 6.5.x, 6.6.x through 6.6.2, and 7.0.0 has a Buffer Overflow. | 7.5 |
| 2021-09-29 | CVE-2021-35945 | Classic Buffer Overflow vulnerability in Couchbase Server Couchbase Server 6.5.x, 6.6.0 through 6.6.2, and 7.0.0, has a Buffer Overflow. | 7.5 |
| 2021-05-26 | CVE-2021-25643 | Cleartext Transmission of Sensitive Information vulnerability in Couchbase Server An issue was discovered in Couchbase Server 5.x and 6.x before 6.5.2 and 6.6.x before 6.6.2. | 4.9 |
| 2021-05-19 | CVE-2021-27924 | Cleartext Transmission of Sensitive Information vulnerability in Couchbase Server An issue was discovered in Couchbase Server 6.x through 6.6.1. | 5.9 |
| 2021-05-19 | CVE-2021-25644 | Cleartext Storage of Sensitive Information vulnerability in Couchbase Server An issue was discovered in Couchbase Server 5.x and 6.x through 6.6.1 and 7.0.0 Beta. | 7.5 |
| 2021-05-19 | CVE-2021-27925 | Race Condition vulnerability in Couchbase Server An issue was discovered in Couchbase Server 6.5.x and 6.6.x through 6.6.1. | 4.4 |
| 2021-05-19 | CVE-2021-31158 | Incorrect Authorization vulnerability in Couchbase Server In the Query Engine in Couchbase Server 6.5.x and 6.6.x through 6.6.1, Common Table Expression queries were not correctly checking the user's permissions, allowing read-access to resources beyond what those users were explicitly allowed to access. | 6.5 |
| 2021-05-10 | CVE-2021-25645 | Cleartext Storage of Sensitive Information vulnerability in Couchbase Server An issue was discovered in Couchbase Server before 6.0.5, 6.1.x through 6.5.x before 6.5.2, and 6.6.x before 6.6.1. | 4.4 |
| 2020-11-12 | CVE-2020-24719 | OS Command Injection vulnerability in Couchbase Server 6.5.1/6.5.2 Exposed Erlang Cookie could lead to Remote Command Execution (RCE) attack. | 9.8 |
| 2020-06-08 | CVE-2020-9042 | Cross-Site Request Forgery (CSRF) vulnerability in Couchbase Server 6.0.0 In Couchbase Server 6.0, credentials cached by a browser can be used to perform a CSRF attack if an administrator has used their browser to check the results of a REST API request. | 8.8 |