Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-8199 |
|
Vulnerability in mongodb (CVE-2026-8199)
vulnerability in mongodb (CVE-2026-8199). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `7.0.34, 8.0.23, 8.2.9, 8.3.2` or later.
|
| CVE-2026-8053 |
|
Out-of-Bounds Write in mongodb (CVE-2026-8053)
out-of-bounds write in mongodb (CVE-2026-8053). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.0.33, 6.0.28, 7.0.34, 8.0.23, 8.2.9, 8.3.2` or later.
|
| CVE-2026-37431 |
|
SQL Injection in sqli (CVE-2026-37431)
SQL injection in sqli (CVE-2026-37431). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33109 |
|
Vulnerability in apache (CVE-2026-33109)
vulnerability in apache (CVE-2026-33109). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33844 |
|
Vulnerability in apache (CVE-2026-33844)
vulnerability in apache (CVE-2026-33844). Successful exploitation can lead to full system takeover.
|
| CVE-2026-36458 |
|
Code Injection in sqli (CVE-2026-36458)
code injection in sqli (CVE-2026-36458). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8063 |
|
Vulnerability in mongodb (CVE-2026-8063)
vulnerability in mongodb (CVE-2026-8063). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.2.7` or later.
|
| CVE-2026-6691 |
|
Vulnerability in c (CVE-2026-6691)
vulnerability in c (CVE-2026-6691). Successful exploitation can lead to full system takeover.
|
| CVE-2026-38428 |
|
SQL Injection in sqli (CVE-2026-38428)
SQL injection in sqli (CVE-2026-38428). Successful exploitation can lead to full system takeover. Exploitable via `GET /api/v1/main/flows/search`.
|
| CVE-2026-23631 |
|
Use-After-Free in redis (CVE-2026-23631)
vulnerability in redis (CVE-2026-23631). Data can be tampered with by attackers.
|
| CVE-2026-25243 |
|
Vulnerability in redis (CVE-2026-25243)
vulnerability in redis (CVE-2026-25243). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23479 |
|
Use-After-Free in redis (CVE-2026-23479)
vulnerability in redis (CVE-2026-23479). Successful exploitation can lead to full system takeover. Exploitable via ``processCommandAndResetClient``.
|
| CVE-2026-42198 |
|
Vulnerability in dos (CVE-2026-42198)
vulnerability in dos (CVE-2026-42198). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-35549 |
|
Vulnerability in mariadb (CVE-2026-35549)
vulnerability in mariadb (CVE-2026-35549). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.4.10, 11.8.6, 12.2.2` or later.
|
| CVE-2026-2007 |
|
Vulnerability in privilege-escalation (CVE-2026-2007)
vulnerability in privilege-escalation (CVE-2026-2007). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-2005 |
|
Vulnerability in postgresql (CVE-2026-2005)
vulnerability in postgresql (CVE-2026-2005). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2004 |
|
Vulnerability in postgresql (CVE-2026-2004)
vulnerability in postgresql (CVE-2026-2004). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2006 |
|
Vulnerability in postgresql (CVE-2026-2006)
vulnerability in postgresql (CVE-2026-2006). Successful exploitation can lead to full system takeover.
|
| CVE-2025-14847 KEV |
|
[KEV] Vulnerability in mongodb (CVE-2025-14847)
vulnerability in mongodb (CVE-2025-14847). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-6965 |
|
Vulnerability in SQLitePCLRaw.lib.e_sqlite3 (CVE-2025-6965)
vulnerability in SQLitePCLRaw.lib.e_sqlite3 (CVE-2025-6965). Data can be tampered with by attackers.
|
| CVE-2023-5868 |
|
Vulnerability in postgresql (CVE-2023-5868)
vulnerability in postgresql (CVE-2023-5868). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-0543 KEV |
|
[KEV] Vulnerability in redis (CVE-2022-0543)
vulnerability in redis (CVE-2022-0543). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2015-1427 KEV |
|
[KEV] Vulnerability in elastic (CVE-2015-1427)
vulnerability in elastic (CVE-2015-1427). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2014-3120 KEV |
|
[KEV] Vulnerability in elastic (CVE-2014-3120)
vulnerability in elastic (CVE-2014-3120). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-0778 |
|
Vulnerability in dos (CVE-2022-0778)
vulnerability in dos (CVE-2022-0778). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-10758 KEV |
|
[KEV] Vulnerability in Mongodb mongo-express (CVE-2019-10758)
vulnerability in Mongodb mongo-express (CVE-2019-10758). Risk of unauthorized operations or information disclosure. Exploitable via ``toBSON``. Listed in CISA KEV — actively exploited.
|
| CVE-2020-21468 |
|
Vulnerability in dos (CVE-2020-21468)
vulnerability in dos (CVE-2020-21468). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-1971 |
|
Vulnerability in dos (CVE-2020-1971)
vulnerability in dos (CVE-2020-1971). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-16168 |
|
Vulnerability in c (CVE-2019-16168)
vulnerability in c (CVE-2019-16168). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-7317 |
|
Use-After-Free in c (CVE-2019-7317)
vulnerability in c (CVE-2019-7317). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11480 |
|
Vulnerability in dos (CVE-2017-11480)
vulnerability in dos (CVE-2017-11480). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12172 |
|
Vulnerability in postgresql (CVE-2017-12172)
vulnerability in postgresql (CVE-2017-12172). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15099 |
|
Information Disclosure in postgresql (CVE-2017-15099)
vulnerability in postgresql (CVE-2017-15099). Confidential information can be exposed externally.
|
| CVE-2017-15098 |
|
Information Disclosure in postgresql (CVE-2017-15098)
vulnerability in postgresql (CVE-2017-15098). Confidential information can be exposed externally.
|
| CVE-2017-8806 |
|
Vulnerability in dos (CVE-2017-8806)
vulnerability in dos (CVE-2017-8806). Data can be tampered with by attackers.
|
| CVE-2017-15535 |
|
Vulnerability in mongodb (CVE-2017-15535)
vulnerability in mongodb (CVE-2017-15535). Data can be tampered with by attackers.
|
| CVE-2017-15945 |
|
Vulnerability in mariadb (CVE-2017-15945)
vulnerability in mariadb (CVE-2017-15945). Successful exploitation can lead to full system takeover.
|
| CVE-2016-10517 |
|
Vulnerability in c (CVE-2016-10517)
vulnerability in c (CVE-2016-10517). Confidential information can be exposed externally.
|
| CVE-2017-10379 |
|
Authorization Flaw in c (CVE-2017-10379)
vulnerability in c (CVE-2017-10379). Confidential information can be exposed externally.
|
| CVE-2017-10384 |
|
Vulnerability in c (CVE-2017-10384)
vulnerability in c (CVE-2017-10384). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10378 |
|
Vulnerability in c (CVE-2017-10378)
vulnerability in c (CVE-2017-10378). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10365 |
|
Vulnerability in c (CVE-2017-10365)
vulnerability in c (CVE-2017-10365). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10320 |
|
Vulnerability in c (CVE-2017-10320)
vulnerability in c (CVE-2017-10320). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10314 |
|
Vulnerability in c (CVE-2017-10314)
vulnerability in c (CVE-2017-10314). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10279 |
|
Vulnerability in c (CVE-2017-10279)
vulnerability in c (CVE-2017-10279). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10283 |
|
Vulnerability in c (CVE-2017-10283)
vulnerability in c (CVE-2017-10283). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10284 |
|
Vulnerability in c (CVE-2017-10284)
vulnerability in c (CVE-2017-10284). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10286 |
|
Vulnerability in c (CVE-2017-10286)
vulnerability in c (CVE-2017-10286). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10296 |
|
Vulnerability in c (CVE-2017-10296)
vulnerability in c (CVE-2017-10296). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10313 |
|
Vulnerability in c (CVE-2017-10313)
vulnerability in c (CVE-2017-10313). Risk of unauthorized operations or information disclosure.
|