Vulnerabilities > Mongodb > Mongodb
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-03-01 | CVE-2020-7929 | Unspecified vulnerability in Mongodb A user authorized to perform database queries may trigger denial of service by issuing specially crafted query contain a type of regex. | 6.5 |
2020-11-24 | CVE-2019-20925 | Incorrect Comparison vulnerability in Mongodb An unauthenticated client can trigger denial of service by issuing specially crafted wire protocol messages, which cause the message decompressor to incorrectly allocate memory. | 7.5 |
2020-11-23 | CVE-2018-20803 | Infinite Loop vulnerability in Mongodb A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which loop indefinitely in mathematics processing while retaining locks. | 6.5 |
2020-11-23 | CVE-2020-7928 | Unspecified vulnerability in Mongodb A user authorized to perform database queries may trigger a read overrun and access arbitrary memory by issuing specially crafted queries. | 6.5 |
2020-11-23 | CVE-2019-2393 | Use After Free vulnerability in Mongodb A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use $lookup and collations. | 6.5 |
2020-11-23 | CVE-2019-2392 | Integer Overflow or Wraparound vulnerability in Mongodb A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use the $mod operator to overflow negative values. | 6.5 |
2020-11-23 | CVE-2019-20924 | Improper Check for Unusual or Exceptional Conditions vulnerability in Mongodb 4.2.0/4.2.1 A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries which trigger an invariant in the IndexBoundsBuilder. | 6.5 |
2020-11-23 | CVE-2019-20923 | Unspecified vulnerability in Mongodb A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which throw unhandled Javascript exceptions containing types intended to be scoped to the Javascript engine's internals. | 6.5 |
2020-11-23 | CVE-2018-20805 | Excessive Iteration vulnerability in Mongodb A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which perform an $elemMatch . | 6.5 |
2020-11-23 | CVE-2018-20804 | Improper Input Validation vulnerability in Mongodb A user authorized to perform database queries may trigger denial of service by issuing specially crafted applyOps invocations. | 6.5 |