CVE-2023-25948

HIGH Year: 2023
CVSS v3 Score
7.5
High
Weakness Type
CWE-394
View all →

Vulnerability Description

Server information leak of configuration data when an error is generated in response to a specially crafted message. See Honeywell Security Notification for recommendations on upgrading and versioning.

Related Vulnerabilities

CVE-2019-0066

HIGH
CVSS:7.5(High)

An unexpected status return value weakness in the Next-Generation Multicast VPN (NG-mVPN) service of Juniper Networks Junos OS allows attacker to cause a Denial of Service (DoS) condition and core the...

CWE-3942019

CVE-2024-1713

HIGH
CVSS:7.2(High)

A user who can create objects in a database with plv8 3.2.1 installed is able to cause deferred triggers to execute as the Superuser during autovacuum.

CWE-3942024

CVE-2018-20802

MEDIUM
CVSS:6.5(Medium)

A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries with compound indexes affecting QueryPlanner. This issue affects MongoDB Server v3.6 ve...

CWE-3942018

CVE-2019-20924

MEDIUM
CVSS:6.5(Medium)

A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries which trigger an invariant in the IndexBoundsBuilder. This issue affects MongoDB Server...

CWE-3942019

CVE-2019-0066

HIGH
CVSS:7.5(High)

An unexpected status return value weakness in the Next-Generation Multicast VPN (NG-mVPN) service of Juniper Networks Junos OS allows attacker to cause a Denial of Service (DoS) condition and core the...

CWE-3942019

CVE-2024-1713

HIGH
CVSS:7.2(High)

A user who can create objects in a database with plv8 3.2.1 installed is able to cause deferred triggers to execute as the Superuser during autovacuum.

CWE-3942024