Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mariadb vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2022-38791
In MariaDB prior to 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock.
Mariadb Mariadb
Mariadb Mariadb 10.9.1
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
5.5
CVSSv3
CVE-2022-31622
MariaDB Server prior to 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (pthread_create returns a nonzero value) while executing the method create_worker_threads, the held lock is not released correctly, which allows local users ...
Mariadb Mariadb
5.5
CVSSv3
CVE-2022-31623
MariaDB Server prior to 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (i.e., going to the err label) while executing the method create_worker_threads, the held lock thd->ctrl_mutex is not released correctly, which allows loc...
Mariadb Mariadb
5.5
CVSSv3
CVE-2022-31624
MariaDB Server prior to 10.7 is vulnerable to Denial of Service. While executing the plugin/server_audit/server_audit.c method log_statement_ex, the held lock lock_bigbuffer is not released correctly, which allows local users to trigger a denial of service due to the deadlock.
Mariadb Mariadb
7.8
CVSSv3
CVE-2020-7221
mysql_install_db in MariaDB 10.4.7 up to and including 10.4.11 allows privilege escalation from the mysql user account to root because chown and chmod are performed unsafely, as demonstrated by a symlink attack on a chmod 04755 of auth_pam_tool_dir/auth_pam_tool. NOTE: this does ...
Mariadb Mariadb
6.5
CVSSv3
CVE-2022-47015
MariaDB Server prior to 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer.
Mariadb Mariadb
7.5
CVSSv3
CVE-2022-27451
MariaDB Server v10.9 and below exists to contain a segmentation fault via the component sql/field_conv.cc.
Mariadb Mariadb
7.5
CVSSv3
CVE-2022-27455
MariaDB Server v10.6.3 and below exists to contain an use-after-free in the component my_wildcmp_8bit_impl at /strings/ctype-simple.c.
Mariadb Mariadb
7.5
CVSSv3
CVE-2022-27457
MariaDB Server v10.6.3 and below exists to contain an use-after-free in the component my_mb_wc_latin1 at /strings/ctype-latin1.c.
Mariadb Mariadb
7.5
CVSSv3
CVE-2022-32086
MariaDB v10.4 to v10.8 exists to contain a segmentation fault via the component Item_field::fix_outer_field.
Mariadb Mariadb
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30065
CVE-2024-5843
CVE-2024-30080
code execution
CVE-2024-4577
CVE-2024-26169
wireless
remote code execution
CVE-2024-36103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »