Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
MariaDB Server Number Of NVD 399 CRITICAL 3 HIGH 70 MEDIUM 277 LOW 49
URL https://mariadb.org/
Explanation It is a relational database management system (RDBMS) derived from MySQL.
Paid support is available for MariaDB Enterprise Server.
Since many Linux distributions have replaced MySQL with MariaDB, it is now easier to use on Linux.

It has become one of the open source combinations called LAMP (Linux, Apache, MySQL [MariaDB], PHP).
Tag
  • 商用ライセンス有り
  • オープンソース
  • GPL v2
Add Information URL
No Type Name URL
1 https://downloads.mariadb.org/mariadb/+releases/
2 https://mariadb.com/wp-content/uploads/2019/07/mariadb-engineering-policies-v2-01_policy_1036.pdf
3 https://mariadb.com/downloads/
4 https://mariadb.com/kb/en/mariadb-server/
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
91 MariaDB 11.2 11.2.6 Nov. 1, 2024 June 20, 2023 0 0 0 0
92 MariaDB 11.1 11.1.6 Aug. 8, 2024 March 27, 2023 0 0 0 0
93 MariaDB 11.0 11.0.6 May 16, 2024 Dec. 27, 2022 June 30, 2024 0 0 0 0
94 MariaDB 10.11 10.11.13 May 22, 2025 Sept. 26, 2022 Feb. 28, 2028 0 0 1 0
95 MariaDB 10.10 10.10.7 Nov. 13, 2023 June 21, 2022 Nov. 30, 2023 0 0 1 0
96 MariaDB 10.9 10.9.8 Aug. 14, 2023 March 23, 2022 0 7 2 0
97 MariaDB 10.8 10.8.8 May 10, 2023 Dec. 21, 2021 0 14 2 0
98 MariaDB 10.7 10.7.8 Feb. 6, 2023 Sept. 17, 2021 Feb. 28, 2023 0 40 10 0
99 MariaDB 10.6 10.6.22 May 6, 2025 April 26, 2021 June 30, 2026 0 41 20 0
100 MariaDB 10.5 10.5.29 May 6, 2025 Dec. 3, 2019 June 24, 2025 1 43 30 0
101 MariaDB 10.4 10.4.34 May 16, 2024 July 2, 2019 July 2, 2022 1 44 46 2
102 MariaDB 10.3 10.3.39 May 10, 2023 May 25, 2018 May 25, 2023 2 35 63 3
103 MariaDB 10.2 10.2.44 May 20, 2022 May 23, 2017 May 23, 2022 2 31 99 6
104 MariaDB 10.1 10.1.48 Nov. 3, 2020 Oct. 17, 2015 Oct. 17, 2020 3 19 115 21
105 MariaDB 5.3 5.3.9 Jan. 1, 2000 0 10 23 1
106 MariaDB 5.2 5.2.9 Jan. 1, 2000 0 10 23 1
107 MariaDB 5.1 5.1.67 Jan. 1, 2000 0 13 34 5
108 MariaDB 2.5 2.5.1 Jan. 1, 2000 0 10 7 1
109 MariaDB 2.4 2.4.2 Jan. 1, 2000 0 10 7 1
110 MariaDB 2.3 2.3.1 Jan. 1, 2000 0 10 7 1
111 MariaDB 2.2 2.2.0 Jan. 1, 2000 0 10 7 1
112 MariaDB 2.1 2.13.0 Jan. 1, 2000 0 11 7 1
113 MariaDB 2.0 2.0.5 Jan. 1, 2000 0 10 7 1
114 MariaDB 1.0 1.0.2 Jan. 1, 2000 0 10 7 1
115 MariaDB 0.7 0.7.0 Jan. 1, 2000 0 10 7 1
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
91 5.5
4.3 		MEDIUM
Local 		The pcre_compile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service (out-of-bounds read) via regular expression with a group cont… CWE-125
Out-of-bounds Read 		CVE-2015-2326 cpe:2.3:a:mariadb:mariadb:*:* 10.0.0 10.0.18 2024-11-21 11:27
2020-01-15 		Show GitHub Exploit DB Packet Storm
92 7.8
6.8 		HIGH
Local 		The compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service (out-of-bounds heap read and crash), or possibly have other uns… CWE-125
CWE-787
Out-of-bounds Read
 Out-of-bounds Write 		CVE-2015-2325 cpe:2.3:a:mariadb:mariadb:*:* 10.0.18 2024-11-21 11:27
2020-01-15 		Show GitHub Exploit DB Packet Storm
93 6.5
4.0 		MEDIUM
Network 		Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.45 and prior, 5.7.27 and prior and 8.0.17 and prior. Easily expl… NVD-CWE-noinfo
CVE-2019-2974 cpe:2.3:a:mariadb:mariadb:*:* 10.1.0
10.2.0
10.3.0
10.4.0
5.5.0







10.1.42
10.2.28
10.3.19
10.4.9
5.5.66 		2024-11-21 13:41
2019-10-17 		Show GitHub Exploit DB Packet Storm
94 4.4
3.5 		MEDIUM
Network 		Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allow… NVD-CWE-noinfo
CVE-2019-2938 cpe:2.3:a:mariadb:mariadb:*:* 10.2.0
10.3.0
10.4.0



10.2.28
10.3.19
10.4.9 		2024-11-21 13:41
2019-10-17 		Show GitHub Exploit DB Packet Storm
95 6.5
4.0 		MEDIUM
Network 		Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily ex… NVD-CWE-noinfo
CVE-2019-2805 cpe:2.3:a:mariadb:mariadb:*:* 10.2.0
10.3.0
10.4.0
5.5.0
10.1.0







10.2.26
10.3.17
10.4.7
5.5.65
10.1.41 		2024-11-21 13:41
2019-07-24 		Show GitHub Exploit DB Packet Storm
96 5.5
5.5 		MEDIUM
Network 		Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability al… NVD-CWE-noinfo
CVE-2019-2758 cpe:2.3:a:mariadb:mariadb:*:* 10.2.0
10.3.0
10.4.0



10.2.26
10.3.17
10.4.7 		2024-11-21 13:41
2019-07-24 		Show GitHub Exploit DB Packet Storm
97 6.5
4.0 		MEDIUM
Network 		Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: XML). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily explo… NVD-CWE-noinfo
CVE-2019-2740 cpe:2.3:a:mariadb:mariadb:*:* 10.2.0
10.3.0
10.4.0
5.5.0
10.1.0







10.2.26
10.3.17
10.4.7
5.5.65
10.1.41 		2024-11-21 13:41
2019-07-24 		Show GitHub Exploit DB Packet Storm
98 5.1
3.6 		MEDIUM
Local 		Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and pr… NVD-CWE-noinfo
CVE-2019-2739 cpe:2.3:a:mariadb:mariadb:*:* 10.2.0
10.3.0
10.4.0
5.5.0
10.1.0







10.2.26
10.3.17
10.4.7
5.5.65
10.1.41 		2024-11-21 13:41
2019-07-24 		Show GitHub Exploit DB Packet Storm
99 4.9
4.0 		MEDIUM
Network 		Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Pluggable Auth). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. … NVD-CWE-noinfo
CVE-2019-2737 cpe:2.3:a:mariadb:mariadb:*:* 10.2.0
10.3.0
10.4.0
5.5.0
10.1.0







10.2.26
10.3.17
10.4.7
5.5.65
10.1.41 		2024-11-21 13:41
2019-07-24 		Show GitHub Exploit DB Packet Storm
100 4.9
4.0 		MEDIUM
Network 		Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability al… NVD-CWE-noinfo
CVE-2019-2628 cpe:2.3:a:mariadb:mariadb:*:* 10.2.0
10.3.0
10.4.0



10.2.24
10.3.15
10.4.5 		2024-11-21 13:41
2019-04-24 		Show GitHub Exploit DB Packet Storm