Логотип exploitDog
product: "mariadb"
Консоль
Логотип exploitDog

exploitDog

product: "mariadb"
MariaDB

MariaDBответвление от системы управления базами данных MySQL, разрабатываемое сообществом под лицензией GNU GPL.

Релизный цикл, информация об уязвимостях

Продукт: MariaDB
Вендор: mariadb

График релизов

10.610.710.810.910.1010.1111.011.111.211.311.411.511.611.711.812.012.12021202220232024202520262027202820292030

Недавние уязвимости MariaDB

Количество 2 149

github логотип

GHSA-wgcw-36qc-jvj2

больше 3 лет назад

Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

EPSS: Низкий
github логотип

GHSA-rghf-5q3x-c6vw

больше 3 лет назад

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability, related to Server DML.

EPSS: Низкий
github логотип

GHSA-jgx2-h5wg-8cmc

больше 3 лет назад

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.

CVSS3: 4.9
EPSS: Низкий
github логотип

GHSA-52xg-2453-vmhx

больше 3 лет назад

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.

CVSS3: 3.7
EPSS: Низкий
github логотип

GHSA-6rqj-j79f-57vc

больше 3 лет назад

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.

CVSS3: 5.3
EPSS: Низкий
github логотип

GHSA-h534-4fvw-mm64

больше 3 лет назад

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.

CVSS3: 6.5
EPSS: Низкий
github логотип

GHSA-chpg-5745-m74h

больше 3 лет назад

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.

CVSS3: 3.7
EPSS: Низкий
github логотип

GHSA-x24r-xfh8-7ww8

больше 3 лет назад

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Parser.

CVSS3: 8.1
EPSS: Низкий
github логотип

GHSA-gw5g-54qg-7583

больше 3 лет назад

The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a "/CN=" string in a field in a certificate, as demonstrated by "/OU=/CN=bar.com/CN=foo.com."

CVSS3: 5.9
EPSS: Низкий
github логотип

GHSA-4mp4-fj98-86xx

больше 3 лет назад

Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to DML.

CVSS3: 5.5
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
1
github логотип
GHSA-wgcw-36qc-jvj2

Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

1%
Низкий
больше 3 лет назад
github логотип
GHSA-rghf-5q3x-c6vw

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability, related to Server DML.

1%
Низкий
больше 3 лет назад
github логотип
GHSA-jgx2-h5wg-8cmc

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.

CVSS3: 4.9
1%
Низкий
больше 3 лет назад
github логотип
GHSA-52xg-2453-vmhx

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.

CVSS3: 3.7
4%
Низкий
больше 3 лет назад
github логотип
GHSA-6rqj-j79f-57vc

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.

CVSS3: 5.3
2%
Низкий
больше 3 лет назад
github логотип
GHSA-h534-4fvw-mm64

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.

CVSS3: 6.5
1%
Низкий
больше 3 лет назад
github логотип
GHSA-chpg-5745-m74h

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.

CVSS3: 3.7
3%
Низкий
больше 3 лет назад
github логотип
GHSA-x24r-xfh8-7ww8

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Parser.

CVSS3: 8.1
0%
Низкий
больше 3 лет назад
github логотип
GHSA-gw5g-54qg-7583

The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a "/CN=" string in a field in a certificate, as demonstrated by "/OU=/CN=bar.com/CN=foo.com."

CVSS3: 5.9
2%
Низкий
больше 3 лет назад
github логотип
GHSA-4mp4-fj98-86xx

Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to DML.

CVSS3: 5.5
0%
Низкий
больше 3 лет назад

Уязвимостей на страницу

Поделиться