Vulnerabilities > Mongodb
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-03-06 | CVE-2012-6619 | Improper Input Validation vulnerability in Mongodb The default configuration for MongoDB before 2.3.2 does not validate objects, which allows remote authenticated users to cause a denial of service (crash) or read system memory via a crafted BSON object in the column name in an insert command, which triggers a buffer over-read. | 6.4 |
2013-10-01 | CVE-2013-3969 | Resource Management Errors vulnerability in Mongodb The find prototype in scripting/engine_v8.h in MongoDB 2.4.0 through 2.4.4 allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and server crash) or possibly execute arbitrary code via an invalid RefDB object. | 6.5 |
2013-07-04 | CVE-2013-4650 | Permissions, Privileges, and Access Controls vulnerability in Mongodb MongoDB 2.4.x before 2.4.5 and 2.5.x before 2.5.1 allows remote authenticated users to obtain internal system privileges by leveraging a username of __system in an arbitrary database. | 6.5 |