CVE-2026-3494
- EPSS 0.01%
- Published 03.03.2026 18:12:12
- Last modified 16.03.2026 18:16:09
In MariaDB server version through 11.8.5, when server audit plugin is enabled with server_audit_events variable configured with QUERY_DCL, QUERY_DDL, or QUERY_DML filtering, if an authenticated database user invokes a SQL statement prefixed with doub...
- EPSS 0.21%
- Published 23.12.2025 21:40:56
- Last modified 29.12.2025 15:58:56
MariaDB mariadb-dump Utility Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MariaDB. Interaction with the mariadb-dump utility is required to ...
CVE-2023-52969
- EPSS 0.21%
- Published 08.03.2025 23:15:14
- Last modified 03.11.2025 20:16:06
MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, and 11.0 through 11.0.* can sometimes crash with an empty backtrace log. This may be related to make_aggr_tables_info and optimize_stage2.
CVE-2023-52970
- EPSS 0.21%
- Published 08.03.2025 23:15:14
- Last modified 03.11.2025 20:16:06
MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, 11.0 through 11.0.*, and 11.1 through 11.4.* crashes in Item_direct_view_ref::derived_field_transformer_for_where.
CVE-2023-52971
- EPSS 0.06%
- Published 08.03.2025 23:15:14
- Last modified 08.03.2025 23:15:14
MariaDB Server 10.10 through 10.11.* and 11.0 through 11.4.* crashes in JOIN::fix_all_splittings_in_plan.
CVE-2023-52968
- EPSS 0.1%
- Published 08.03.2025 23:15:13
- Last modified 08.03.2025 23:15:13
MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fix_fields_if_needed under mysql_derived_prepare when derived is not yet prepared, leadi...
CVE-2023-26785
- EPSS 63.02%
- Published 17.10.2024 22:15:02
- Last modified 10.07.2025 19:06:29
MariaDB v10.5 was discovered to contain a remote code execution (RCE) vulnerability via UDF Code in a Shared Object File, followed by a "create function" statement. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is cro...
CVE-2023-39593
- EPSS 0.79%
- Published 17.10.2024 22:15:02
- Last modified 10.07.2025 19:09:33
Insecure permissions in the sys_exec function of MariaDB v10.5 allow authenticated attackers to execute arbitrary commands with elevated privileges. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed.
CVE-2024-27766
- EPSS 30.15%
- Published 17.10.2024 22:15:02
- Last modified 10.07.2025 19:12:35
An issue in MariaDB v.11.1 allows a remote attacker to execute arbitrary code via the lib_mysqludf_sys.so function. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed.
CVE-2023-22084
- EPSS 1.36%
- Published 17.10.2023 22:15:13
- Last modified 22.01.2025 16:10:07
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.43 and prior, 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network acce...