MariaDB — ответвление от системы управления базами данных MySQL, разрабатываемое сообществом под лицензией GNU GPL.
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 148
CVE-2023-26785
MariaDB v10.5 was discovered to contain a remote code execution (RCE) vulnerability via UDF Code in a Shared Object File, followed by a "create function" statement. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed.
CVE-2023-39593
Insecure permissions in the sys_exec function of MariaDB v10.5 allows authenticated attackers to execute arbitrary commands with elevated privileges. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed.
CVE-2024-27766
An issue in MariaDB v.11.1 allows a remote attacker to execute arbitrary code via the lib_mysqludf_sys.so function. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed.
CVE-2023-26785
MariaDB v10.5 was discovered to contain a remote code execution (RCE) vulnerability via UDF Code in a Shared Object File, followed by a "create function" statement. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed.
CVE-2024-27766
An issue in MariaDB v.11.1 allows a remote attacker to execute arbitrary code via the lib_mysqludf_sys.so function. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed.
CVE-2023-39593
Insecure permissions in the sys_exec function of MariaDB v10.5 allows authenticated attackers to execute arbitrary commands with elevated privileges. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed.
SUSE-SU-2024:1922-1
Security update for mariadb104
BDU:2024-08763
Уязвимость библиотеки lib_mysqludf_sys.so системы управления базами данных MariaDB, позволяющая нарушителю повысить свои привилегии и выполнить произвольный код
SUSE-SU-2023:4908-1
Security update for mariadb
SUSE-SU-2023:4907-1
Security update for mariadb
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2023-26785 MariaDB v10.5 was discovered to contain a remote code execution (RCE) vulnerability via UDF Code in a Shared Object File, followed by a "create function" statement. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed. | CVSS3: 9.8 | 50% Средний | около 1 года назад |
| CVE-2023-39593 Insecure permissions in the sys_exec function of MariaDB v10.5 allows authenticated attackers to execute arbitrary commands with elevated privileges. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed. | CVSS3: 5.6 | 0% Низкий | около 1 года назад |
| CVE-2024-27766 An issue in MariaDB v.11.1 allows a remote attacker to execute arbitrary code via the lib_mysqludf_sys.so function. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed. | CVSS3: 5.7 | 25% Средний | около 1 года назад |
 | CVE-2023-26785 MariaDB v10.5 was discovered to contain a remote code execution (RCE) vulnerability via UDF Code in a Shared Object File, followed by a "create function" statement. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed. | CVSS3: 5.5 | 50% Средний | около 1 года назад |
| CVE-2024-27766 An issue in MariaDB v.11.1 allows a remote attacker to execute arbitrary code via the lib_mysqludf_sys.so function. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed. | CVSS3: 5.5 | 25% Средний | около 1 года назад |
| CVE-2023-39593 Insecure permissions in the sys_exec function of MariaDB v10.5 allows authenticated attackers to execute arbitrary commands with elevated privileges. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed. | CVSS3: 5.5 | 0% Низкий | около 1 года назад |
 | SUSE-SU-2024:1922-1 Security update for mariadb104 | 1% Низкий | больше 1 года назад | |
 | BDU:2024-08763 Уязвимость библиотеки lib_mysqludf_sys.so системы управления базами данных MariaDB, позволяющая нарушителю повысить свои привилегии и выполнить произвольный код | CVSS3: 5.7 | 25% Средний | почти 2 года назад |
| SUSE-SU-2023:4908-1 Security update for mariadb | 1% Низкий | почти 2 года назад | |
| SUSE-SU-2023:4907-1 Security update for mariadb | 1% Низкий | почти 2 года назад |
Уязвимостей на страницу