Search CVE reports
1 – 10 of 1789 results
Index out-of-range when encountering a branch page with zero elements in go.etcd.io/bbolt
2 affected packages
golang-github-boltdb-bolt, golang-github-coreos-bbolt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| golang-github-boltdb-bolt | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-github-coreos-bbolt | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
An issue was discovered in MariaDB Server before 11.4.10, 11.5.x through 11.8.x before 11.8.6, and 12.x before 12.2.2. If the caching_sha2_password authentication plugin is installed, and some user accounts are configured to use...
5 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mariadb | Needs evaluation | Not in release | — | — |
| mariadb-10.0 | Not in release | Not in release | — | — |
| mariadb-10.1 | Not in release | Not in release | — | Needs evaluation |
| mariadb-10.3 | Not in release | Not in release | Needs evaluation | — |
| mariadb-10.6 | Not in release | Needs evaluation | — | — |
A user with access to the cluster with a limited set of privilege actions can trigger a crash of a mongod process during the limited and unpredictable window when the cluster is being promoted from a replica set to a sharded...
1 affected package
mongodb
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mongodb | Not in release | Not in release | Needs evaluation | Needs evaluation |
MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in JSON_SCHEMA_VALID() function. Under certain conditions it might...
5 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mariadb | Needs evaluation | Not in release | — | — |
| mariadb-10.0 | Not in release | Not in release | — | — |
| mariadb-10.1 | Not in release | Not in release | — | Needs evaluation |
| mariadb-10.3 | Not in release | Not in release | Needs evaluation | — |
| mariadb-10.6 | Not in release | Needs evaluation | — | — |
A specially crafted aggregation query with $lookup by an authenticated user with write privileges can cause a double-free or use-after-free memory issue in the slot-based execution (SBE) engine when an in-memory hash table is...
1 affected package
mongodb
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mongodb | Not in release | Not in release | Needs evaluation | Needs evaluation |
A use-after-free vulnerability can be triggered in sharded clusters by an authenticated user with the read role who issues a specially crafted $lookup or $graphLookup aggregation pipeline.
1 affected package
mongodb
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mongodb | Not in release | Not in release | Needs evaluation | Needs evaluation |
An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command.
1 affected package
mongodb
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mongodb | Not in release | Not in release | Needs evaluation | Needs evaluation |
An authorized user may disable the MongoDB server by issuing a query against a collection that contains an invalid compound wildcard index.
1 affected package
mongodb
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mongodb | Not in release | Not in release | Vulnerable | Vulnerable |
An authorized user may trigger a server crash by running a $geoNear pipeline with certain invalid index hints.
1 affected package
mongodb
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mongodb | Not in release | Not in release | Vulnerable | Vulnerable |
Incorrect validation of the profile command may result in the determination that a request altering the 'filter' is read-only.
1 affected package
mongodb
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mongodb | Not in release | Not in release | Not affected | Not affected |