The various bson_append functions in the MongoDB C driver library may be susceptible to buffer overflow when performing operations that could result in a final BSON document which exceeds the maximum
An authorized user may trigger crashes or receive the contents of buffer over-reads of Server memory by issuing specially crafted requests that construct malformed BSON in the MongoDB Server. This iss
Stack exhaustion vulnerability in the MongoDB PHP driver can cause application crashes when processing deeply nested BSON documents in unusual circumstances when the source of these BSON documents is
Inconsistent object size validation in time series processing logic may result in later processing of oversized BSON documents leading to an assert failing and process termination.
This issue impacts
Computing the MD5 checksum of a malformed BSON object under specific conditions may cause loss of availability in MongoDB server.
This issue affects all MongoDB Server v8.2 versions, all MongoDB Serve
In the Linux kernel, the following vulnerability has been resolved:
fs: jfs: fix shift-out-of-bounds in dbAllocAG
Syzbot found a crash : UBSAN: shift-out-of-bounds in dbAllocAG. The
underlying bug i
A mongoc_bulk_operation_t may read invalid memory if large options are passed.
The bson_validate function may return early on specific inputs and incorrectly report success. This behavior could result in skipping validation for BSON data, allowing malformed or invalid UTF-8 sequ
An authorized user may crash the MongoDB server by causing buffer over-read. This can be done by issuing a DDL operation while queries are being issued, under some conditions. This issue affects Mongo
In the Linux kernel, the following vulnerability has been resolved:
fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev
Syzkaller reported the following issue:
UBSAN: array-index-out-of
Heap-based Buffer Overflow vulnerability in Samsung Open Source Escargot JavaScript engine allows Overflow Buffers.This issue affects Escargot: 4.0.0.
Issue summary: A signed integer overflow when sizing the destination
buffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap
buffer overflow.
Impact summary: A heap buffer overflow may
Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client. This issue affects all MongoDB Server v7.0 prior to 7.0.28 vers
BSON::XS versions 0.8.4 and earlier for Perl includes a bundled libbson 1.1.7, which has several vulnerabilities.
Those include CVE-2017-14227, CVE-2018-16790, CVE-2023-0437, CVE-2024-6381, CVE-2024-
A vulnerability in MongoDB Server's BSON validation logic allows an unauthenticated user to crash the mongod process by sending a specially crafted message. The BSON validator's handling of certain ne
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit
An integer overflow vulnerability in the simdjson document-builder API allows incorrect buffer size calculations in "string_builder::escape_and_append()" when processing very large input strings on pl
A heap-based buffer overflow vulnerability exists in the Intan CLP parsing functionality of The Biosig Project libbiosig 3.9.2 and Master Branch (db9a9a63). A specially crafted Intan CLP file can lead
Out-of-bounds write vulnerability in Samsung Open Source Escargot allows Overflow Buffers.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335.
BACnet Protocol Stack library provides a BACnet application layer, network layer and media access (MAC) layer communications services. In 1.4.2, 1.5.0.rc2, and earlier, an off-by-one stack-based buffe
Page 1+ Next →