| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2018-20803 | Infinite loop in aggregation expression | MongoDB Inc. | MongoDB Server | Medium | 6.5 | 2020-11-23 17:30:14 | Deep Dive |
| CVE-2020-7928 | Improper neutralization of null byte leads to read overrun | MongoDB Inc. | MongoDB Server | Medium | 6.5 | 2020-11-23 16:35:13 | Deep Dive |
| CVE-2019-2393 | Crash while joining collections with $lookup | MongoDB Inc. | MongoDB Server | Medium | 6.5 | 2020-11-23 15:30:25 | Deep Dive |
| CVE-2019-20923 | Crash while handling internal Javascript exception types | MongoDB Inc. | MongoDB Server | Medium | 6.5 | 2020-11-23 15:30:21 | Deep Dive |
| CVE-2019-20924 | Invariant in IndexBoundsBuilder | MongoDB Inc. | MongoDB Server | Medium | 6.5 | 2020-11-23 15:30:16 | Deep Dive |
| CVE-2019-2392 | $mod can result in undefined behavior | MongoDB Inc. | MongoDB Server | Medium | 6.5 | 2020-11-23 15:25:14 | Deep Dive |
| CVE-2018-20805 | Invariant with $elemMatch | MongoDB Inc. | MongoDB Server | Medium | 6.5 | 2020-11-23 15:20:14 | Deep Dive |
| CVE-2018-20802 | Post-auth queries on compound index may crash mongod | MongoDB Inc. | MongoDB Server | Medium | 6.5 | 2020-11-23 15:15:19 | Deep Dive |
| CVE-2018-20804 | Invariant failure in applyOps | MongoDB Inc. | MongoDB Server | Medium | 6.5 | 2020-11-23 15:15:14 | Deep Dive |
| CVE-2020-7926 | Specific query can cause a DoS against MongoDB Server | MongoDB Inc. | MongoDB Server | Medium | 6.5 | 2020-11-23 15:05:15 | Deep Dive |
| CVE-2020-7925 | Denial of Service when processing malformed Role names | MongoDB Inc. | MongoDB Server | High | 7.5 | 2020-11-23 14:50:12 | Deep Dive |
| CVE-2020-7923 | Specific GeoQuery can cause DoS against MongoDB Server | MongoDB Inc. | MongoDB Server | Medium | 6.5 | 2020-08-21 14:25:12 | Deep Dive |
| CVE-2020-7921 | Administrative action may disable enforcement of per-user IP whitelisting | MongoDB Inc. | MongoDB Server | Medium | 4.6 | 2020-05-06 14:55:12 | Deep Dive |
| CVE-2019-2389 | Process termination via PID file manipulation | MongoDB Inc. | MongoDB Server | Medium | 5.3 | 2019-08-30 14:41:23 | Deep Dive |
| CVE-2019-2390 | Code execution on Windows via OpenSSL engine injection | MongoDB Inc. | MongoDB Server | High | 8.2 | 2019-08-30 14:41:19 | Deep Dive |
| CVE-2019-2386 | Authorization session conflation | MongoDB Inc. | MongoDB Server | High | 7.1 | 2019-08-06 18:32:07 | Deep Dive |