Mariadb ≫ Mariadb

MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used.

MariaDB through 10.5.9 allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expression (CTE).

MariaDB through 10.5.9 allows a set_var.cc application crash via certain uses of an UPDATE statement in conjunction with a nested subquery.

MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain SELECT statements.

MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL value of aggr.

MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations.

get_sort_by_table in MariaDB before 10.6.2 allows an application crash via certain subquery uses of ORDER BY.

save_window_function_values in MariaDB before 10.6.3 allows an application crash because of incorrect handling of with_window_func=true for a subquery.

MariaDB before 10.7.2 allows an application crash because it does not recognize that SELECT_LEX::nest_level is local to each VIEW.

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.35 and prior and 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via mu...