| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2021-20335 | SSL may be unexpectedly disabled during upgrade of multiple-server MongoDB Ops Manager | MongoDB Inc. | MongoDB Ops Manager | Medium | 6.7 | 2021-02-11 10:10:14 | Deep Dive |
| CVE-2019-20925 | Denial of service via malformed network packet | MongoDB Inc. | MongoDB Server | High | 7.5 | 2020-11-24 11:00:16 | Deep Dive |
| CVE-2020-7927 | Potential privilege escalation in Ops Manager API | MongoDB Inc. | MongoDB Ops Manager | High | 8.1 | 2020-11-23 19:00:18 | Deep Dive |
| CVE-2018-20803 | Infinite loop in aggregation expression | MongoDB Inc. | MongoDB Server | Medium | 6.5 | 2020-11-23 17:30:14 | Deep Dive |
| CVE-2020-7928 | Improper neutralization of null byte leads to read overrun | MongoDB Inc. | MongoDB Server | Medium | 6.5 | 2020-11-23 16:35:13 | Deep Dive |
| CVE-2019-2393 | Crash while joining collections with $lookup | MongoDB Inc. | MongoDB Server | Medium | 6.5 | 2020-11-23 15:30:25 | Deep Dive |
| CVE-2019-20923 | Crash while handling internal Javascript exception types | MongoDB Inc. | MongoDB Server | Medium | 6.5 | 2020-11-23 15:30:21 | Deep Dive |
| CVE-2019-20924 | Invariant in IndexBoundsBuilder | MongoDB Inc. | MongoDB Server | Medium | 6.5 | 2020-11-23 15:30:16 | Deep Dive |
| CVE-2019-2392 | $mod can result in undefined behavior | MongoDB Inc. | MongoDB Server | Medium | 6.5 | 2020-11-23 15:25:14 | Deep Dive |
| CVE-2018-20805 | Invariant with $elemMatch | MongoDB Inc. | MongoDB Server | Medium | 6.5 | 2020-11-23 15:20:14 | Deep Dive |
| CVE-2018-20802 | Post-auth queries on compound index may crash mongod | MongoDB Inc. | MongoDB Server | Medium | 6.5 | 2020-11-23 15:15:19 | Deep Dive |
| CVE-2018-20804 | Invariant failure in applyOps | MongoDB Inc. | MongoDB Server | Medium | 6.5 | 2020-11-23 15:15:14 | Deep Dive |
| CVE-2020-7926 | Specific query can cause a DoS against MongoDB Server | MongoDB Inc. | MongoDB Server | Medium | 6.5 | 2020-11-23 15:05:15 | Deep Dive |
| CVE-2020-7925 | Denial of Service when processing malformed Role names | MongoDB Inc. | MongoDB Server | High | 7.5 | 2020-11-23 14:50:12 | Deep Dive |
| CVE-2020-2267 | CloudBees Jenkins MongoDB 安全漏洞 | Jenkins project | Jenkins MongoDB Plugin | 中危 | - | 2020-09-16 13:20:45 | Deep Dive |
| CVE-2020-2268 | CloudBees Jenkins MongoDB 跨站请求伪造漏洞 | Jenkins project | Jenkins MongoDB Plugin | 高危 | - | 2020-09-16 13:20:45 | Deep Dive |
| CVE-2020-7923 | Specific GeoQuery can cause DoS against MongoDB Server | MongoDB Inc. | MongoDB Server | Medium | 6.5 | 2020-08-21 14:25:12 | Deep Dive |
| CVE-2019-2388 | Potential exposure of log information in Ops Manager | MongoDB Inc. | MongoDB Ops Manager | Medium | 5.8 | 2020-05-13 16:15:13 | Deep Dive |
| CVE-2020-7921 | Administrative action may disable enforcement of per-user IP whitelisting | MongoDB Inc. | MongoDB Server | Medium | 4.6 | 2020-05-06 14:55:12 | Deep Dive |
| CVE-2020-7922 | Kubernetes Operator generates potentially insecure certificates | MongoDB Inc. | MongoDB Enterprise Kubernetes Operator | Medium | 6.4 | 2020-04-09 17:35:12 | Deep Dive |