Mariadb

Mariadb

407 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.9

CVE-2023-52969

  • EPSS 0.11%
  • Veröffentlicht 08.03.2025 23:15:14
  • Zuletzt bearbeitet 08.03.2025 23:15:14

MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, and 11.0 through 11.0.* can sometimes crash with an empty backtrace log. This may be related to make_aggr_tables_info and optimize_stage2.

4.9

CVE-2023-52970

  • EPSS 0.11%
  • Veröffentlicht 08.03.2025 23:15:14
  • Zuletzt bearbeitet 08.03.2025 23:15:14

MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, 11.0 through 11.0.*, and 11.1 through 11.4.* crashes in Item_direct_view_ref::derived_field_transformer_for_where.

4.9

CVE-2023-52971

  • EPSS 0.03%
  • Veröffentlicht 08.03.2025 23:15:14
  • Zuletzt bearbeitet 08.03.2025 23:15:14

MariaDB Server 10.10 through 10.11.* and 11.0 through 11.4.* crashes in JOIN::fix_all_splittings_in_plan.

4.9

CVE-2023-52968

  • EPSS 0.06%
  • Veröffentlicht 08.03.2025 23:15:13
  • Zuletzt bearbeitet 08.03.2025 23:15:13

MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fix_fields_if_needed under mysql_derived_prepare when derived is not yet prepared, leadi...

9.8

CVE-2023-26785

Exploit
  • EPSS 14.53%
  • Veröffentlicht 17.10.2024 22:15:02
  • Zuletzt bearbeitet 10.07.2025 19:06:29

MariaDB v10.5 was discovered to contain a remote code execution (RCE) vulnerability via UDF Code in a Shared Object File, followed by a "create function" statement. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is cro...

5.6

CVE-2023-39593

Exploit
  • EPSS 0.54%
  • Veröffentlicht 17.10.2024 22:15:02
  • Zuletzt bearbeitet 10.07.2025 19:09:33

Insecure permissions in the sys_exec function of MariaDB v10.5 allows authenticated attackers to execute arbitrary commands with elevated privileges. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed.

5.7

CVE-2024-27766

Exploit
  • EPSS 17.27%
  • Veröffentlicht 17.10.2024 22:15:02
  • Zuletzt bearbeitet 10.07.2025 19:12:35

An issue in MariaDB v.11.1 allows a remote attacker to execute arbitrary code via the lib_mysqludf_sys.so function. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed.

4.9

CVE-2023-22084

  • EPSS 1.36%
  • Veröffentlicht 17.10.2023 22:15:13
  • Zuletzt bearbeitet 22.01.2025 16:10:07

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.43 and prior, 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network acce...

7.5

CVE-2023-5157

  • EPSS 0.27%
  • Veröffentlicht 27.09.2023 15:19:41
  • Zuletzt bearbeitet 01.10.2025 15:15:41

A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service.

6.5

CVE-2022-47015

  • EPSS 0.09%
  • Veröffentlicht 20.01.2023 19:15:17
  • Zuletzt bearbeitet 03.04.2025 16:15:29

MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer.