mariadb

423 tracked vulnerabilities.

CVE-2022-21595 MEDIUM
MySQL Server <= 5.7.36 and <= 8.0.27 - Authenticated Denial of Service in C API
Oct 18, 2022
CVSS 4.4
EPSS 0.01
CVE-2022-38791 MEDIUM
MariaDB 10.3.0-10.3.35 - Denial of Service via Deadlock in compress_write
Aug 27, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-32091 HIGH
MariaDB 10.3.0-10.3.35 - Use-After-Free in memset Interceptor
Jul 01, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-32089 HIGH
MariaDB 10.4.0-10.4.25 - Denial of Service via st_select_lex_unit::exclude_level
Jul 01, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-32088 HIGH
MariaDB 10.2.0-10.2.43 - Denial of Service via Exec_time_tracker Filesort
Jul 01, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-32087 HIGH
MariaDB 10.3.0-10.3.34 - Denial of Service via Item_args::walk_args
Jul 01, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-32086 HIGH
MariaDB 10.4.0-10.4.24 - Denial of Service via Item_field::fix_outer_field
Jul 01, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-32085 HIGH
MariaDB 10.2.0-10.2.43 - Denial of Service via Item_func_in::cleanup
Jul 01, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-32084 HIGH
MariaDB 10.3.0-10.3.35 - Denial of Service via sub_select Component
Jul 01, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-32083 HIGH
MariaDB 10.2.0-10.6.1 - Denial of Service via Item_subselect::init_expr_cache_tracker
Jul 01, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-32082 HIGH
MariaDB 10.5.0-10.5.16 - Reachable Assertion in dict0dict.cc
Jul 01, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-32081 HIGH
MariaDB 10.4.0-10.4.25 - Use-After-Free in prepare_inplace_add_virtual
Jul 01, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-31624 MEDIUM
MariaDB < 10.2.41 - Denial of Service via Improper Lock Handling in server_audit Plugin
May 25, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-31623 MEDIUM
MariaDB < 10.2.42 - Denial of Service via Improper Lock Release in ds_compress.cc
May 25, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-31622 MEDIUM
MariaDB < 10.2.42 - Denial of Service via Improper Lock Handling in ds_compress.cc
May 25, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-31621 MEDIUM
MariaDB < 10.2.41 - Denial of Service via Improper Lock Release in xbstream_open
May 25, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-21451 MEDIUM
MySQL <= 5.7.37 and <= 8.0.28 - Authenticated Denial of Service in InnoDB
Apr 19, 2022
CVSS 4.4
EPSS 0.01
CVE-2022-21427 MEDIUM
MySQL Server <= 5.7.37 and <= 8.0.28 - Authenticated Denial of Service in FTS Component
Apr 19, 2022
CVSS 4.9
EPSS 0.02
CVE-2022-27457 HIGH
MariaDB 10.4.0-10.4.24 - Use-After-Free in my_mb_wc_latin1
Apr 14, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-27456 HIGH
MariaDB 10.3.0-10.3.34 - Use-After-Free in VDec::VDec
Apr 14, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-27455 HIGH
MariaDB 10.4.0-10.4.25 - Use-After-Free in my_wildcmp_8bit_impl
Apr 14, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-27452 HIGH
MariaDB Server <10.9 - Memory Corruption
Apr 14, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-27451 HIGH
MariaDB Server <10.9 - Memory Corruption
Apr 14, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-27449 HIGH
MariaDB Server <10.9 - Memory Corruption
Apr 14, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-27448 HIGH
MariaDB 10.3.0-10.3.34 - Reachable Assertion via BTR_PCUR_ON Check
Apr 14, 2022
CVSS 7.5
EPSS 0.02