Mariadb

Mariadb

407 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2014-4258

  • EPSS 0.57%
  • Veröffentlicht 17.07.2014 11:17:10
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRINFOSC.

5.5

CVE-2014-4260

  • EPSS 0.43%
  • Veröffentlicht 17.07.2014 11:17:10
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier, and 5.6.17 and earlier, allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR.

4

CVE-2014-2494

  • EPSS 0.3%
  • Veröffentlicht 17.07.2014 05:10:15
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to ENARC.

4

CVE-2014-4207

  • EPSS 0.37%
  • Veröffentlicht 17.07.2014 05:10:15
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.

7.4

CVE-2014-0224

Exploit
  • EPSS 92.69%
  • Veröffentlicht 05.06.2014 21:55:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL...

4.3

CVE-2014-3470

  • EPSS 91.4%
  • Veröffentlicht 05.06.2014 21:55:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereferen...

6.8

CVE-2014-0195

  • EPSS 90.91%
  • Veröffentlicht 05.06.2014 21:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary c...

4.3

CVE-2014-0221

  • EPSS 82.1%
  • Veröffentlicht 05.06.2014 21:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS...

4.3

CVE-2014-0198

  • EPSS 30.89%
  • Veröffentlicht 06.05.2014 10:44:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL...

2.6

CVE-2014-2431

  • EPSS 0.83%
  • Veröffentlicht 16.04.2014 02:55:16
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect availability via unknown vectors related to Options.