Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mariadb vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2016-10550
sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS If user input goes into the `limit` or `order` parameters, a malicious user can put in their own SQL statements. ...
Sequelizejs Sequelize
7.5
CVSSv2
CVE-2016-10553
sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. A fix was pushed out that fixed potential SQL injection in sequelize 2.1.3 and previous versions.
Sequelizejs Sequelize
7.5
CVSSv2
CVE-2016-10554
sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. Before version 1.7.0-alpha3, sequelize defaulted SQLite to use MySQL backslash escaping, even though SQLite uses...
Sequelizejs Sequelize 1.7.0
Sequelizejs Sequelize
7.5
CVSSv2
CVE-2014-6491
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and previous versions and 5.6.20 and previous versions allows remote malicious users to affect confidentiality, integrity, and availability via vectors related to SERVER:SSL:yaSSL, a different vulnerability than CVE-2014-650...
Oracle Mysql
Juniper Junos Space
Mariadb Mariadb
Oracle Solaris 11.3
7.5
CVSSv2
CVE-2014-6500
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and previous versions, and 5.6.20 and previous versions, allows remote malicious users to affect confidentiality, integrity, and availability via vectors related to SERVER:SSL:yaSSL, a different vulnerability than CVE-2014-6...
Oracle Solaris 11.3
Juniper Junos Space
Mariadb Mariadb
Oracle Mysql
7.5
CVSSv2
CVE-2012-3158
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and previous versions, and 5.5.26 and previous versions, allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors related to Protocol.
Oracle Mysql
Mariadb Mariadb
Debian Debian Linux 7.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 12.04
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Eus 6.3
7.5
CVSSv2
CVE-2009-4484
Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL prior to 1.9.9, as used in mysqld in MySQL 5.0.x prior to 5.0.90, MySQL 5.1.x prior to 5.1.43, MySQL 5.5.x up to and including 5.5.0-m2, and other products, allow remote...
Oracle Mysql 5.0.0
Oracle Mysql
Wolfssl Yassl
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 5.0
Debian Debian Linux 4.0
Debian Debian Linux 6.0
Mariadb Mariadb
1 EDB exploit
7.2
CVSSv2
CVE-2020-7221
mysql_install_db in MariaDB 10.4.7 up to and including 10.4.11 allows privilege escalation from the mysql user account to root because chown and chmod are performed unsafely, as demonstrated by a symlink attack on a chmod 04755 of auth_pam_tool_dir/auth_pam_tool. NOTE: this does ...
Mariadb Mariadb
7.2
CVSSv2
CVE-2017-15945
The installation scripts in the Gentoo dev-db/mysql, dev-db/mariadb, dev-db/percona-server, dev-db/mysql-cluster, and dev-db/mariadb-galera packages prior to 2017-09-29 have chown calls for user-writable directory trees, which allows local users to gain privileges by leveraging a...
Mariadb Mariadb
Mysql Mysql
7.1
CVSSv2
CVE-2021-2389
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromi...
Oracle Mysql Server
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Mariadb Mariadb
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »