MariaDB Server | Number Of NVD | 399 | CRITICAL | 3 | HIGH | 70 | MEDIUM | 277 | LOW | 49 |
URL | https://mariadb.org/ | ||||||||
---|---|---|---|---|---|---|---|---|---|
Explanation | It is a relational database management system (RDBMS) derived from MySQL. Paid support is available for MariaDB Enterprise Server. Since many Linux distributions have replaced MySQL with MariaDB, it is now easier to use on Linux. It has become one of the open source combinations called LAMP (Linux, Apache, MySQL [MariaDB], PHP). |
||||||||
Tag |
No | Type | Name | URL |
---|---|---|---|
1 | https://downloads.mariadb.org/mariadb/+releases/ | ||
2 | https://mariadb.com/wp-content/uploads/2019/07/mariadb-engineering-policies-v2-01_policy_1036.pdf | ||
3 | https://mariadb.com/downloads/ | ||
4 | https://mariadb.com/kb/en/mariadb-server/ |
No | Name | Latest Version | Release date | Initial release | Normal Support | Security Support Service Pack Support |
Extended for a fee |
Critical | High | Medium | Low |
---|---|---|---|---|---|---|---|---|---|---|---|
1 | MariaDB 11.2 | 11.2.1 | Aug. 21, 2023 | June 20, 2023 | 0 | 0 | 0 | 0 | |||
2 | MariaDB 11.1 | 11.1.2 | Aug. 21, 2023 | March 27, 2023 | 0 | 0 | 0 | 0 | |||
3 | MariaDB 11.0 | 11.0.3 | Aug. 14, 2023 | Dec. 27, 2022 | June 30, 2024 | 0 | 0 | 0 | 0 | ||
4 | MariaDB 10.11 | 10.11.5 | Aug. 14, 2023 | Sept. 26, 2022 | Feb. 28, 2028 | 0 | 0 | 0 | 0 | ||
5 | MariaDB 10.10 | 10.10.7 | Nov. 13, 2023 | June 21, 2022 | Nov. 30, 2023 | 0 | 0 | 0 | 0 | ||
6 | MariaDB 10.9 | 10.9.8 | Aug. 14, 2023 | March 23, 2022 | 0 | 7 | 2 | 0 | |||
7 | MariaDB 10.8 | 10.8.8 | May 10, 2023 | Dec. 21, 2021 | 0 | 14 | 2 | 0 | |||
8 | MariaDB 10.7 | 10.7.8 | Feb. 6, 2023 | Sept. 17, 2021 | Feb. 28, 2023 | 0 | 40 | 11 | 0 | ||
9 | New!! MariaDB 10.6 | 10.6.18 | May 16, 2024 | April 26, 2021 | June 30, 2026 | 0 | 41 | 20 | 0 | ||
10 | New!! MariaDB 10.5 | 10.5.25 | May 16, 2024 | Dec. 3, 2019 | June 24, 2025 | 1 | 43 | 30 | 0 | ||
11 | New!! MariaDB 10.4 | 10.4.34 | May 16, 2024 | July 2, 2019 | July 2, 2022 | 1 | 44 | 46 | 2 | ||
12 | MariaDB 10.3 | 10.3.39 | May 10, 2023 | May 25, 2018 | May 25, 2023 | 2 | 35 | 63 | 3 | ||
13 | MariaDB 10.2 | 10.2.44 | May 20, 2022 | May 23, 2017 | May 23, 2022 | 2 | 31 | 99 | 6 | ||
14 | MariaDB 10.1 | 10.1.48 | Nov. 3, 2020 | Oct. 17, 2015 | Oct. 17, 2020 | 3 | 19 | 115 | 21 | ||
15 | MariaDB 5.3 | 5.3.9 | Jan. 1, 2000 | 0 | 10 | 23 | 1 | ||||
16 | MariaDB 5.2 | 5.2.9 | Jan. 1, 2000 | 0 | 10 | 23 | 1 | ||||
17 | MariaDB 5.1 | 5.1.67 | Jan. 1, 2000 | 0 | 13 | 34 | 5 | ||||
18 | MariaDB 2.5 | 2.5.1 | Jan. 1, 2000 | 0 | 10 | 7 | 1 | ||||
19 | MariaDB 2.4 | 2.4.2 | Jan. 1, 2000 | 0 | 10 | 7 | 1 | ||||
20 | MariaDB 2.3 | 2.3.1 | Jan. 1, 2000 | 0 | 10 | 7 | 1 | ||||
21 | MariaDB 2.2 | 2.2.0 | Jan. 1, 2000 | 0 | 10 | 7 | 1 | ||||
22 | MariaDB 2.1 | 2.13.0 | Jan. 1, 2000 | 0 | 11 | 7 | 1 | ||||
23 | MariaDB 2.0 | 2.0.5 | Jan. 1, 2000 | 0 | 10 | 7 | 1 | ||||
24 | MariaDB 1.0 | 1.0.2 | Jan. 1, 2000 | 0 | 10 | 7 | 1 | ||||
25 | MariaDB 0.7 | 0.7.0 | Jan. 1, 2000 | 0 | 10 | 7 | 1 |
No | CVSS3 CVSS2 |
Level Attach Vector |
Title | CWE | CVE | cpe23Uri | or higher | or less | more than | less than | Update date Published date |
Show Affected | Exploit PoC Search |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
1 |
7.5 - |
HIGH
Network
A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service.
|
NVD-CWE-noinfo
|
CVE-2023-5157
|
cpe:2.3:a:mariadb:mariadb:*:*
|
10.5.0 |
10.6.0 10.7.0 10.8.0
|
|
10.5.17 |
10.6.9 10.7.5 10.8.4 10.4.26
2023-12-23 04:25 |
2023-09-28
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2 |
6.5 - |
MEDIUM
Network |
MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer. |
CWE-476
NULL Pointer Dereference |
CVE-2022-47015 | cpe:2.3:a:mariadb:mariadb:*:* | 10.3.34 | 10.9.3 |
2023-11-7 12:56 2023-01-21 |
Show | GitHub Exploit DB Packet Storm | ||
3 |
4.4 - |
MEDIUM
Network |
Vulnerability in the MySQL Server product of Oracle MySQL (component: C API). Supported versions that are affected are 5.7.36 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows… |
NVD-CWE-noinfo
|
CVE-2022-21595 | cpe:2.3:a:mariadb:mariadb:*:* |
10.3.0 10.4.0 10.5.0 10.7.0 10.6.0 10.2.0 |
|
|
10.3.33 10.4.23 10.5.14 10.7.2 10.6.6 10.2.42 |
2022-11-9 04:33 2022-10-19 |
Show | GitHub Exploit DB Packet Storm |
4 |
5.5 - |
MEDIUM
Local |
In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock. |
CWE-667
Improper Locking |
CVE-2022-38791 |
cpe:2.3:a:mariadb:mariadb:10.9.1:* cpe:2.3:a:mariadb:mariadb:*:* |
10.3.0 10.4.0 10.5.0 10.6.0 10.7.0 10.8.0 |
|
|
10.3.36 10.4.26 10.5.17 10.6.9 10.7.5 10.8.4 |
2023-11-7 12:50 2022-08-28 |
Show | GitHub Exploit DB Packet Storm |
5 |
7.5 5.0 |
HIGH
Network
MariaDB v10.4 to v10.8 was discovered to contain a segmentation fault via the component Item_field::fix_outer_field.
|
NVD-CWE-noinfo
|
CVE-2022-32086
|
cpe:2.3:a:mariadb:mariadb:*:*
|
10.7.0 |
10.4.0 10.5.0 10.6.0
|
|
10.7.4 |
10.4.25 10.5.16 10.6.8
2022-10-26 04:49 |
2022-07-2
Show
|
GitHub
Exploit DB
Packet Storm
|
|
6 |
7.5 5.0 |
HIGH
Network
MariaDB v10.2 to v10.6.1 was discovered to contain a segmentation fault via the component Item_subselect::init_expr_cache_tracker.
|
NVD-CWE-noinfo
|
CVE-2022-32083
|
cpe:2.3:a:mariadb:mariadb:*:*
|
10.3.0 |
10.7.0 10.4.0 10.5.0 10.6.0 10.2.0
|
|
10.3.35 |
10.7.4 10.4.25 10.5.16 10.6.8 10.2.44
2022-10-26 04:48 |
2022-07-2
Show
|
GitHub
Exploit DB
Packet Storm
|
|
7 |
7.5 5.0 |
HIGH
Network
MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort.
|
NVD-CWE-noinfo
|
CVE-2022-32088
|
cpe:2.3:a:mariadb:mariadb:*:*
|
10.3.0 |
10.7.0 10.4.0 10.5.0 10.6.0 10.2.0
|
|
10.3.35 |
10.7.4 10.4.25 10.5.16 10.6.8 10.2.44
2022-10-27 07:27 |
2022-07-2
Show
|
GitHub
Exploit DB
Packet Storm
|
|
8 |
7.5 5.0 |
HIGH
Network
MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Item_args::walk_args.
|
NVD-CWE-noinfo
|
CVE-2022-32087
|
cpe:2.3:a:mariadb:mariadb:*:*
|
10.3.0 |
10.7.0 10.4.0 10.5.0 10.6.0
|
|
10.3.35 |
10.7.4 10.4.25 10.5.16 10.6.8
2022-10-27 07:26 |
2022-07-2
Show
|
GitHub
Exploit DB
Packet Storm
|
|
9 |
7.5 5.0 |
HIGH
Network
MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Item_func_in::cleanup/Item::cleanup_processor.
|
NVD-CWE-noinfo
|
CVE-2022-32085
|
cpe:2.3:a:mariadb:mariadb:*:*
|
10.3.0 |
10.7.0 10.4.0 10.5.0 10.6.0 10.2.0
|
|
10.3.35 |
10.7.4 10.4.25 10.5.16 10.6.8 10.2.44
2022-10-27 07:26 |
2022-07-2
Show
|
GitHub
Exploit DB
Packet Storm
|
|
10 |
7.5 5.0 |
HIGH
Network
MariaDB v10.7 was discovered to contain an use-after-poison in in __interceptor_memset at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc.
|
CWE-416
|
Use After Free
CVE-2022-32091
|
cpe:2.3:a:mariadb:mariadb:*:*
|
10.3.0 |
10.4.0 10.5.0 10.6.0 10.7.0 10.8.0 10.9.0
|
|
10.3.36 |
10.4.26 10.5.17 10.6.9 10.7.5 10.8.4 10.9.2
2023-11-7 12:47 |
2022-07-2
Show
|
GitHub
Exploit DB
Packet Storm
|
|