Search CVE reports
31 – 40 of 1818 results
An issue was discovered in MariaDB Server before 11.4.10, 11.5.x through 11.8.x before 11.8.6, and 12.x before 12.2.2. If the caching_sha2_password authentication plugin is installed, and some user accounts are configured to use...
5 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mariadb | Not affected | Needs evaluation | Not in release | — | — |
| mariadb-10.0 | Not in release | Not in release | Not in release | — | — |
| mariadb-10.1 | Not in release | Not in release | Not in release | — | Needs evaluation |
| mariadb-10.3 | Not in release | Not in release | Not in release | Needs evaluation | — |
| mariadb-10.6 | Not in release | Not in release | Needs evaluation | — | — |
A user with access to the cluster with a limited set of privilege actions can trigger a crash of a mongod process during the limited and unpredictable window when the cluster is being promoted from a replica set to a sharded...
1 affected package
mongodb
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mongodb | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in JSON_SCHEMA_VALID() function. Under certain conditions it might...
5 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mariadb | Not affected | Needs evaluation | Not in release | — | — |
| mariadb-10.0 | Not in release | Not in release | Not in release | — | — |
| mariadb-10.1 | Not in release | Not in release | Not in release | — | Needs evaluation |
| mariadb-10.3 | Not in release | Not in release | Not in release | Needs evaluation | — |
| mariadb-10.6 | Not in release | Not in release | Needs evaluation | — | — |
A specially crafted aggregation query with $lookup by an authenticated user with write privileges can cause a double-free or use-after-free memory issue in the slot-based execution (SBE) engine when an in-memory hash table is...
1 affected package
mongodb
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mongodb | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
A use-after-free vulnerability can be triggered in sharded clusters by an authenticated user with the read role who issues a specially crafted $lookup or $graphLookup aggregation pipeline.
1 affected package
mongodb
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mongodb | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command.
1 affected package
mongodb
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mongodb | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
An authorized user may disable the MongoDB server by issuing a query against a collection that contains an invalid compound wildcard index.
1 affected package
mongodb
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mongodb | Not in release | Not in release | Not in release | Vulnerable | Vulnerable |
An authorized user may trigger a server crash by running a $geoNear pipeline with certain invalid index hints.
1 affected package
mongodb
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mongodb | Not in release | Not in release | Not in release | Vulnerable | Vulnerable |
Incorrect validation of the profile command may result in the determination that a request altering the 'filter' is read-only.
1 affected package
mongodb
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mongodb | — | Not in release | Not in release | Not affected | Not affected |
Complex queries can cause excessive memory usage in MongoDB Query Planner resulting in an Out-Of-Memory Crash.
1 affected package
mongodb
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mongodb | — | Not in release | Not in release | Not affected | Not affected |