The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of MongoDB Server

MongoDB Server: code execution via Windows OpenSSL Configuration Files
An attacker can use a vulnerability via Windows OpenSSL Configuration Files of MongoDB Server, in order to run code...
CVE-2019-2390, VIGILANCE-VUL-30224
MongoDB Server: denial of service via SysV Init Scripts PID Kill
An attacker can trigger a fatal error via SysV Init Scripts PID Kill of MongoDB Server, in order to trigger a denial of service...
CVE-2019-2389, VIGILANCE-VUL-30223
MongoDB Server: privilege escalation via Deleted User Persistent Session
An attacker can bypass restrictions via Deleted User Persistent Session of MongoDB Server, in order to escalate his privileges...
CVE-2019-2386, TALOS-2019-0829, VIGILANCE-VUL-29973
libbson: out-of-bounds memory reading via _bson_iter_next_internal
An attacker can force a read at an invalid address via _bson_iter_next_internal() of libbson, in order to trigger a denial of service, or to obtain sensitive information...
CVE-2018-16790, FEDORA-2018-2062cd7548, FEDORA-2018-77d864ff39, VIGILANCE-VUL-27198
MongoDB: read-write access via Wire Protocol Compression
An attacker can bypass access restrictions via Wire Protocol Compression of MongoDB, in order to read or alter data...
CERTFR-2017-AVI-386, CVE-2017-15535, FEDORA-2017-774e7863a4, FEDORA-2017-913288e9a9, openSUSE-SU-2017:3018-1, openSUSE-SU-2017:3022-1, VIGILANCE-VUL-24311
MongoDB: vulnerability
A vulnerability of MongoDB was announced...
CERTFR-2017-AVI-276, CVE-2017-12926, VIGILANCE-VUL-23651, WT-2711
MongoDB: information disclosure via dbshell
A local attacker can read the ~/.dbshell file of a MongoDB user, in order to obtain sensitive information...
25335, CVE-2016-6494, DLA-588-1, DLA-588-2, FEDORA-2016-4cedbd4308, FEDORA-2016-89060100d7, SEC0019, VIGILANCE-VUL-20263
MongoDB Enterprise: privilege escalation via LDAP Authentication
An attacker can use the LDAP authentication of MongoDB Enterprise, in order to escalate his privileges...
CVE-2015-7882, VIGILANCE-VUL-18677
PCRE: buffer overflow of pcre_compile2
An attacker can generate a buffer overflow in pcre_compile2 of PCRE, in order to trigger a denial of service, and possibly to execute code...
bulletinjul2015, CERTFR-2015-AVI-265, CVE-2015-2326, openSUSE-SU-2015:0858-1, openSUSE-SU-2015:1216-1, RHSA-2016:2750-01, SERVER-18312, SSA:2015-162-02, SSA:2015-198-02, SUSE-SU-2015:1273-1, USN-2694-1, USN-2943-1, VIGILANCE-VUL-16880
PCRE: buffer overflow of compile_branch
An attacker can generate a buffer overflow in compile_branch of PCRE, in order to trigger a denial of service, and possibly to execute code...
CERTFR-2015-AVI-265, CVE-2015-2325, openSUSE-SU-2015:0858-1, openSUSE-SU-2015:1216-1, openSUSE-SU-2016:3099-1, RHSA-2016:2750-01, SERVER-18312, SOL16983, SSA:2015-162-02, SSA:2015-198-02, SUSE-SU-2015:1273-1, USN-2694-1, USN-2943-1, VIGILANCE-VUL-16879
Our database contains other pages. You can request a free trial to read them.

Display information about MongoDB Server: