mariadb
423 tracked vulnerabilities.
CVE-2021-46665
MEDIUM
MariaDB 10.2.0-10.2.42 - Denial of Service via sql_parse.cc Used Tables Mismatch
Feb 01, 2022
CVSS 5.5
EPSS 0.00
CVE-2021-46664
MEDIUM
MariaDB 10.2.0-10.2.42 - Denial of Service via NULL Value in sub_select_postjoin_aggr
Feb 01, 2022
CVSS 5.5
EPSS 0.00
CVE-2021-46663
MEDIUM
MariaDB 10.2.41-10.2.42 - Denial of Service via SELECT Statement
Feb 01, 2022
CVSS 5.5
EPSS 0.00
CVE-2021-46662
MEDIUM
MariaDB 10.3.0-10.3.31 - Denial of Service via UPDATE Statement with Nested Subquery
Feb 01, 2022
CVSS 5.5
EPSS 0.00
CVE-2021-46661
MEDIUM
MariaDB 10.2.0-10.2.42 - Denial of Service via Unused Common Table Expression
Feb 01, 2022
CVSS 5.5
EPSS 0.00
CVE-2021-46659
MEDIUM
MariaDB 5.5.0-10.2.41 - Denial of Service via SELECT_LEX::nest_level Mismanagement
Jan 29, 2022
CVSS 5.5
EPSS 0.01
CVE-2021-46658
MEDIUM
MariaDB <10.6.3 - Memory Corruption
Jan 29, 2022
CVSS 5.5
EPSS 0.00
CVE-2021-46657
MEDIUM
MariaDB <10.6.2 - Memory Corruption
Jan 29, 2022
CVSS 5.5
EPSS 0.00
CVE-2021-35604
MEDIUM
MySQL Server 5.7.0-5.7.35 and 8.0.0-8.0.26 - Authenticated Denial of Service and Data Manipulation in InnoDB
Oct 20, 2021
CVSS 5.5
EPSS 0.02
CVE-2021-2389
MEDIUM
MySQL Server <= 5.7.34 and <= 8.0.25 - Unauthenticated Denial of Service in InnoDB
Jul 21, 2021
CVSS 5.9
EPSS 0.08
CVE-2021-2372
MEDIUM
MySQL Server <= 5.7.34 and <= 8.0.25 - Authenticated Denial of Service in InnoDB
Jul 21, 2021
CVSS 4.4
EPSS 0.03
CVE-2021-2194
MEDIUM
MySQL Server <= 5.7.33 and <= 8.0.23 - Authenticated Denial of Service in InnoDB
Apr 22, 2021
CVSS 4.9
EPSS 0.02
CVE-2021-2180
MEDIUM
MySQL Server <= 5.7.33 and <= 8.0.23 - Authenticated Denial of Service in InnoDB
Apr 22, 2021
CVSS 4.9
EPSS 0.03
CVE-2021-2174
MEDIUM
MySQL Server <= 5.7.33 and <= 8.0.23 - Denial of Service in InnoDB
Apr 22, 2021
CVSS 4.4
EPSS 0.02
CVE-2021-2166
MEDIUM
MySQL Server 5.7.0-5.7.33 and 8.0.0-8.0.23 - Authenticated Denial of Service in DML Component
Apr 22, 2021
CVSS 4.9
EPSS 0.05
CVE-2021-2154
MEDIUM
MySQL Server <= 5.7.33 - Authenticated Denial of Service in DML Component
Apr 22, 2021
CVSS 4.9
EPSS 0.02
CVE-2021-2144
HIGH
MySQL Server < 5.7.29 and 8.0.19 - Authenticated Remote Code Execution in Parser
Apr 22, 2021
CVSS 7.2
EPSS 0.02
CVE-2021-27928
HIGH
MariaDB <10.2.37, 10.3.28, 10.4.18, 10.5.9 - RCE
Mar 19, 2021
CVSS 7.2
EPSS 0.38
CVE-2021-2032
MEDIUM
MySQL Server <8.0.22 - Info Disclosure
Jan 20, 2021
CVSS 4.3
EPSS 0.02
CVE-2021-2022
MEDIUM
MySQL < 5.6.50, 5.7.32, 8.0.22 - Authenticated Denial of Service in InnoDB
Jan 20, 2021
CVSS 4.4
EPSS 0.02
CVE-2021-2011
MEDIUM
MySQL Client <= 5.7.32 and <= 8.0.22 - Unauthenticated Denial of Service via Multiple Protocols
Jan 20, 2021
CVSS 5.9
EPSS 0.03
CVE-2021-2007
LOW
Oracle MySQL <5.6.48, <5.7.30, <8.0.20 - SQL Injection
Jan 20, 2021
CVSS 3.7
EPSS 0.02
CVE-2020-15180
CRITICAL
mariadb <10.1.47-10.5.6 - Command Injection
May 27, 2021
CVSS 9.0
EPSS 0.06
CVE-2020-28912
HIGH
MariaDB < 10.1.48 - Unauthenticated Man-in-the-Middle via Named Pipe Security Descriptor
Dec 24, 2020
CVSS 7.0
EPSS 0.00
CVE-2020-14812
MEDIUM
MySQL Server <= 5.6.49, 5.7.31, 8.0.21 - Authenticated Denial of Service in Locking Component
Oct 21, 2020
CVSS 4.9
EPSS 0.03
Quick Filters