Search CVE reports
61 – 70 of 1617 results
CVE-2024-6375
Medium priorityA command for refining a collection shard key is missing an authorization check. This may cause the command to run directly on a shard, leading to either degradation of query performance, or to revealing chunk boundaries through...
1 affected package
mongodb
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| mongodb | Not in release | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-36845
Medium priorityAn invalid pointer in the modbus_receive() function of libmodbus v3.1.6 allows attackers to cause a Denial of Service (DoS) via a crafted message sent to the unit-test-server.
1 affected package
libmodbus
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libmodbus | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-36844
Medium prioritylibmodbus v3.1.6 was discovered to contain a use-after-free via the ctx->backend pointer. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted message sent to the unit-test-server.
1 affected package
libmodbus
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libmodbus | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-36843
Medium prioritylibmodbus v3.1.6 was discovered to contain a heap overflow via the modbus_mapping_free() function.
1 affected package
libmodbus
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libmodbus | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-3374
Medium priorityAn unauthenticated user can trigger a fatal assertion in the server while generating ftdc diagnostic metrics due to attempting to build a BSON object that exceeds certain memory sizes. This issue affects MongoDB Server...
1 affected package
mongodb
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| mongodb | Not in release | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-3372
Medium priorityImproper validation of certain metadata input may result in the server not correctly serialising BSON. This can be performed pre-authentication and may cause unexpected application behavior including unavailability of serverStatus...
1 affected package
mongodb
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| mongodb | Not in release | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-34244
Medium prioritylibmodbus v3.1.10 is vulnerable to Buffer Overflow via the modbus_write_bits function. This issue can be triggered when the function is fed with specially crafted input, which leads to out-of-bounds read and can potentially cause...
1 affected package
libmodbus
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libmodbus | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2023-26793
Medium prioritylibmodbus v3.1.10 has a heap-based buffer overflow vulnerability in read_io_status function in src/modbus.c.
1 affected package
libmodbus
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libmodbus | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-21102
Medium prioritySome fixes available 4 of 9
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged...
10 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| mariadb | Not affected | Not in release | Not in release | — | — |
| mariadb-10.0 | Not in release | Not in release | Not in release | — | Not affected |
| mariadb-10.1 | Not in release | Not in release | Not in release | Not affected | — |
| mariadb-10.3 | Not in release | Not in release | Ignored | — | — |
| mariadb-10.6 | Not in release | Not affected | Not in release | — | — |
| mysql-5.5 | Not in release | Not in release | Not in release | — | — |
| mysql-5.7 | Not in release | Not in release | Not in release | Needs evaluation | Ignored |
| mysql-8.0 | Fixed | Fixed | Fixed | — | — |
| percona-server-5.6 | Not in release | Not in release | Not in release | — | Needs evaluation |
| percona-xtradb-cluster-5.6 | Not in release | Not in release | Not in release | — | Needs evaluation |
CVE-2024-21096
Medium prioritySome fixes available 7 of 15
Vulnerability in the MySQL Server product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows unauthenticated...
10 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| mariadb | Fixed | Not in release | Not in release | — | — |
| mariadb-10.0 | Not in release | Not in release | Not in release | — | Needs evaluation |
| mariadb-10.1 | Not in release | Not in release | Not in release | Needs evaluation | — |
| mariadb-10.3 | Not in release | Not in release | Ignored | — | — |
| mariadb-10.6 | Not in release | Fixed | Not in release | — | — |
| mysql-5.5 | Not in release | Not in release | Not in release | — | — |
| mysql-5.7 | Not in release | Not in release | Not in release | Needs evaluation | Ignored |
| mysql-8.0 | Fixed | Fixed | Fixed | — | — |
| percona-server-5.6 | Not in release | Not in release | Not in release | — | Needs evaluation |
| percona-xtradb-cluster-5.6 | Not in release | Not in release | Not in release | — | Needs evaluation |