Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mariadb mariadb vulnerabilities and exploits
(subscribe to this query)
392
VMScore
CVE-2020-28912
With MariaDB running on Windows, when local clients connect to the server over named pipes, it's possible for an unprivileged user with an ability to run code on the server machine to intercept the named pipe connection and act as a man-in-the-middle, gaining access to all t...
Mariadb Mariadb
187
VMScore
CVE-2022-31622
MariaDB Server prior to 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (pthread_create returns a nonzero value) while executing the method create_worker_threads, the held lock is not released correctly, which allows local users ...
Mariadb Mariadb
187
VMScore
CVE-2022-31621
MariaDB Server prior to 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_xbstream.cc, when an error occurs (stream_ctxt->dest_file == NULL) while executing the method xbstream_open, the held lock is not released correctly, which allows local users to trigger a ...
Mariadb Mariadb
641
VMScore
CVE-2020-7221
mysql_install_db in MariaDB 10.4.7 up to and including 10.4.11 allows privilege escalation from the mysql user account to root because chown and chmod are performed unsafely, as demonstrated by a symlink attack on a chmod 04755 of auth_pam_tool_dir/auth_pam_tool. NOTE: this does ...
Mariadb Mariadb
445
VMScore
CVE-2022-32086
MariaDB v10.4 to v10.8 exists to contain a segmentation fault via the component Item_field::fix_outer_field.
Mariadb Mariadb
445
VMScore
CVE-2022-27382
MariaDB Server v10.7 and below exists to contain a segmentation fault via the component Item_field::used_tables/update_depend_map_for_order.
Mariadb Mariadb
445
VMScore
CVE-2022-27385
An issue in the component Used_tables_and_const_cache::used_tables_and_const_cache_join of MariaDB Server v10.7 and below exists to allow malicious users to cause a Denial of Service (DoS) via specially crafted SQL statements.
Mariadb Mariadb
445
VMScore
CVE-2022-27444
MariaDB Server v10.9 and below exists to contain a segmentation fault via the component sql/item_subselect.cc.
Mariadb Mariadb
445
VMScore
CVE-2022-27446
MariaDB Server v10.9 and below exists to contain a segmentation fault via the component sql/item_cmpfunc.h.
Mariadb Mariadb
445
VMScore
CVE-2022-27451
MariaDB Server v10.9 and below exists to contain a segmentation fault via the component sql/field_conv.cc.
Mariadb Mariadb
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »