CVE-2019-2392

MEDIUM Year: 2019
CVSS v3 Score
6.5
Medium
CVSS v2 Score
4.0
Medium
Weakness Type
CWE-190
View all →

Vulnerability Description

A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use the $mod operator to overflow negative values. This issue affects: MongoDB Inc. MongoDB Server v4.4 versions prior to 4.4.1; v4.2 versions prior to 4.2.9; v4.0 versions prior to 4.0.20; v3.6 versions prior to 3.6.20.

Related Vulnerabilities

CVE-2010-4653

MEDIUM
CVSS:6.5(Medium)

An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts.

CWE-1902010

CVE-2016-10507

MEDIUM
CVSS:6.5(Medium)

Integer overflow vulnerability in the bmp24toimage function in convertbmp.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application c...

CWE-1902016

CVE-2016-2120

MEDIUM
CVSS:6.5(Medium)

An issue has been found in PowerDNS Authoritative Server versions up to and including 3.4.10, 4.0.1 allowing an authorized user to crash the server by inserting a specially crafted record in a zone un...

CWE-1902016

CVE-2016-5223

MEDIUM
CVSS:6.5(Medium)

Integer overflow in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption or DoS via a...

CWE-1902016

CVE-2016-5844

MEDIUM
CVSS:6.5(Medium)

Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.

CWE-1902016

CVE-2016-6177

MEDIUM
CVSS:6.5(Medium)

The Huawei OceanStor 5800 V300R003C00 has an integer overflow vulnerability. An authenticated attacker may send massive abnormal Network File System (NFS) packets, causing an anomaly in specific disk ...

CWE-1902016