Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mariadb vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2021-2144
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to co...
Oracle Mysql
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
Mariadb Mariadb
7.2
CVSSv3
CVE-2021-27928
A remote code execution issue exists in MariaDB 10.2 prior to 10.2.37, 10.3 prior to 10.3.28, 10.4 prior to 10.4.18, and 10.5 prior to 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through 2021-03-03 for MySQL. An untrusted search path leads to eval injection, in...
Mariadb Mariadb
Percona Percona Server
Galeracluster Wsrep
Debian Debian Linux 9.0
10 Github repositories
7
CVSSv3
CVE-2020-28912
With MariaDB running on Windows, when local clients connect to the server over named pipes, it's possible for an unprivileged user with an ability to run code on the server machine to intercept the named pipe connection and act as a man-in-the-middle, gaining access to all t...
Mariadb Mariadb
7
CVSSv3
CVE-2019-19346
An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mariadb-apb, affecting versions before the following 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4 . An attacker with access to the container could use this flaw to modify /etc/passwd and ...
Redhat Openshift
7
CVSSv3
CVE-2016-6664
mysqld_safe in Oracle MySQL up to and including 5.5.51, 5.6.x up to and including 5.6.32, and 5.7.x up to and including 5.7.14; MariaDB; Percona Server prior to 5.5.51-38.2, 5.6.x prior to 5.6.32-78-1, and 5.7.x prior to 5.7.14-8; and Percona XtraDB Cluster prior to 5.5.41-37.0, ...
Oracle Mysql
Mariadb Mariadb
Percona Percona Server
Percona Xtradb Cluster
1 EDB exploit
1 Github repository
1 Article
6.6
CVSSv3
CVE-2017-3600
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.54 and previous versions, 5.6.35 and previous versions and 5.7.17 and previous versions. Difficult to exploit vulnerability allows high privi...
Oracle Mysql
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Aus 7.6
Debian Debian Linux 8.0
Mariadb Mariadb
6.5
CVSSv3
CVE-2023-40354
An issue exists in MariaDB MaxScale prior to 23.02.3. A user enters an encrypted password on a "maxctrl create service" command line, but this password is then stored in cleartext in the resulting .cnf file under /var/lib/maxscale/maxscale.cnf.d. The fixed versions are ...
Mariadb Maxscale
6.5
CVSSv3
CVE-2022-47015
MariaDB Server prior to 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer.
Mariadb Mariadb
6.5
CVSSv3
CVE-2022-39219
Bifrost is a middleware package which can synchronize MySQL/MariaDB binlog data to other types of databases. Versions 1.8.6-release and prior are vulnerable to authentication bypass when using HTTP basic authentication. This may allow group members who only have read permissions ...
Xbifrost Bifrost
6.5
CVSSv3
CVE-2021-39203
WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions authenticated users who don't have permission to view private post types/data can bypass restrictions in the block editor under cert...
Wordpress Wordpress 5.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »