Vulmon
mariadb vulnerabilities and exploits
9.8
CVSSv3
CVE-2016-10553
sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. A fix was pushed out that fixed potential SQL injection in sequelize 2.1.3 and previous versions.
Sequelizejs Sequelize
9.8
CVSSv3
CVE-2016-10550
sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. If user input goes into the `limit` or `order` parameters, a malicious user can put in their own SQL statements. ...
Sequelizejs Sequelize
9.8
CVSSv3
CVE-2016-10554
sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. Before version 1.7.0-alpha3, sequelize defaulted SQLite to use MySQL backslash escaping, even though SQLite uses...
Sequelizejs Sequelize 1.7.0
Sequelizejs Sequelize
9
CVSSv3
CVE-2020-15180
A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in `wsrep_sst_method` allows for command injection that can be exploited by a remote malicious user to execute arbitrary commands on galera cluster nodes. This threatens the system's confide...
Mariadb Mariadb
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Percona Xtradb Cluster
Galeracluster Galera Cluster For Mysql
8.8
CVSSv3
CVE-2022-39267
Bifrost is a heterogeneous middleware that synchronizes MySQL, MariaDB to Redis, MongoDB, ClickHouse, MySQL and other services for production environments. Versions before 1.8.8-release are subject to authentication bypass in the admin and monitor user groups by deleting the X-Re...
Xbifrost Bifrost
8.8
CVSSv3
CVE-2022-21664
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to lack of proper sanitization in one of the classes, there's potential for unintended SQL queries to be executed. This has been patched in WordPress version ...
Wordpress Wordpress
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
8.8
CVSSv3
CVE-2020-13249
libmariadb/mariadb_lib.c in MariaDB Connector/C prior to 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadb_lib.c was originally based on code shipped for MySQL, this issue does not affect any MySQL components supported by ...
Mariadb Connector/c
Opensuse Leap 15.1
Fedoraproject Fedora 31
Fedoraproject Fedora 32
8.8
CVSSv3
CVE-2017-15365
sql/event_data_objects.cc in MariaDB prior to 10.1.30 and 10.2.x prior to 10.2.10 and Percona XtraDB Cluster prior to 5.6.37-26.21-3 and 5.7.x prior to 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data defin...
Fedoraproject Fedora 26
Mariadb Mariadb
Percona Xtradb Cluster
8.1
CVSSv3
CVE-2023-26567
Sangoma FreePBX 1805 through 2302 (when obtained as a .ISO file) places AMPDBUSER, AMPDBPASS, AMPMGRUSER, and AMPMGRPASS in the list of global variables. This exposes cleartext authentication credentials for the Asterisk Database (MariaDB/MySQL) and Asterisk Manager Interface. F...
Sangoma Freepbx Linux 7 1805
Sangoma Freepbx Linux 7 1904
Sangoma Freepbx Linux 7 1910
Sangoma Freepbx Linux 7 2002
Sangoma Freepbx Linux 7 2008
Sangoma Freepbx Linux 7 2011
Sangoma Freepbx Linux 7 2104
Sangoma Freepbx Linux 7 2105
Sangoma Freepbx Linux 7 2109
Sangoma Freepbx Linux 7 2112
Sangoma Freepbx Linux 7 2201
Sangoma Freepbx Linux 7 2202
Sangoma Freepbx Linux 7 2203
Sangoma Freepbx Linux 7 2302
8.1
CVSSv3
CVE-2016-3477
Unspecified vulnerability in Oracle MySQL 5.5.49 and previous versions, 5.6.30 and previous versions, and 5.7.12 and previous versions and MariaDB prior to 5.5.50, 10.0.x prior to 10.0.26, and 10.1.x prior to 10.1.15 allows local users to affect confidentiality, integrity, and av...
Ibm Powerkvm 3.1
Ibm Powerkvm 2.1
Oracle Mysql
Oracle Linux 7
Mariadb Mariadb
Debian Debian Linux 8.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 16.04