Количество 24
Количество 24
CVE-2022-24051
MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16193.
CVE-2022-24051
MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16193.
CVE-2022-24051
MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16193.
CVE-2022-24051
MariaDB CONNECT Storage Engine Format String Privilege Escalation Vuln ...
GHSA-8c8g-735r-wqqj
This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16193.
BDU:2022-00837
Уязвимость реализации функции CONNECT системы управления базами данных MariaDB, позволяющая нарушителю выполнить произвольный код
ROS-20220217-01
Уязвимость системы управления базами данных MariaDB
openSUSE-SU-2022:0731-1
Security update for mariadb
openSUSE-SU-2022:0726-1
Security update for mariadb
openSUSE-SU-2022:0725-1
Security update for mariadb
SUSE-SU-2022:0782-1
Security update for mariadb
SUSE-SU-2022:0731-2
Security update for mariadb
SUSE-SU-2022:0731-1
Security update for mariadb
SUSE-SU-2022:0726-1
Security update for mariadb
SUSE-SU-2022:0725-1
Security update for mariadb
ELSA-2022-6443
ELSA-2022-6443: mariadb:10.3 security and bug fix update (MODERATE)
SUSE-SU-2022:2561-1
Security update for mariadb
RLSA-2022:6443
Moderate: mariadb:10.3 security and bug fix update
ELSA-2022-5948
ELSA-2022-5948: galera, mariadb, and mysql-selinux security, bug fix, and enhancement update (MODERATE)
ELSA-2022-5826
ELSA-2022-5826: mariadb:10.5 security, bug fix, and enhancement update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-24051 MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16193. | CVSS3: 7.8 | 0% Низкий | больше 3 лет назад |
 | CVE-2022-24051 MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16193. | CVSS3: 7.8 | 0% Низкий | больше 3 лет назад |
 | CVE-2022-24051 MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16193. | CVSS3: 7.8 | 0% Низкий | больше 3 лет назад |
| CVE-2022-24051 MariaDB CONNECT Storage Engine Format String Privilege Escalation Vuln ... | CVSS3: 7.8 | 0% Низкий | больше 3 лет назад |
| GHSA-8c8g-735r-wqqj This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16193. | CVSS3: 7.8 | 0% Низкий | больше 3 лет назад |
 | BDU:2022-00837 Уязвимость реализации функции CONNECT системы управления базами данных MariaDB, позволяющая нарушителю выполнить произвольный код | CVSS3: 7 | больше 3 лет назад | |
 | ROS-20220217-01 Уязвимость системы управления базами данных MariaDB | больше 3 лет назад | ||
 | openSUSE-SU-2022:0731-1 Security update for mariadb | больше 3 лет назад | ||
| openSUSE-SU-2022:0726-1 Security update for mariadb | больше 3 лет назад | ||
| openSUSE-SU-2022:0725-1 Security update for mariadb | больше 3 лет назад | ||
| SUSE-SU-2022:0782-1 Security update for mariadb | больше 3 лет назад | ||
| SUSE-SU-2022:0731-2 Security update for mariadb | около 3 лет назад | ||
| SUSE-SU-2022:0731-1 Security update for mariadb | больше 3 лет назад | ||
| SUSE-SU-2022:0726-1 Security update for mariadb | больше 3 лет назад | ||
| SUSE-SU-2022:0725-1 Security update for mariadb | больше 3 лет назад | ||
| ELSA-2022-6443 ELSA-2022-6443: mariadb:10.3 security and bug fix update (MODERATE) | почти 3 года назад | ||
| SUSE-SU-2022:2561-1 Security update for mariadb | почти 3 года назад | ||
 | RLSA-2022:6443 Moderate: mariadb:10.3 security and bug fix update | почти 3 года назад | ||
| ELSA-2022-5948 ELSA-2022-5948: galera, mariadb, and mysql-selinux security, bug fix, and enhancement update (MODERATE) | почти 3 года назад | ||
| ELSA-2022-5826 ELSA-2022-5826: mariadb:10.5 security, bug fix, and enhancement update (MODERATE) | почти 3 года назад |
Уязвимостей на страницу