| MariaDB Server | Number Of NVD | 399 | CRITICAL | 3 | HIGH | 70 | MEDIUM | 277 | LOW | 49 |
| URL | https://mariadb.org/ | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Explanation | It is a relational database management system (RDBMS) derived from MySQL. Paid support is available for MariaDB Enterprise Server. Since many Linux distributions have replaced MySQL with MariaDB, it is now easier to use on Linux. It has become one of the open source combinations called LAMP (Linux, Apache, MySQL [MariaDB], PHP). |
||||||||
| Tag | |||||||||
| No | Type | Name | URL |
|---|---|---|---|
| 1 | https://downloads.mariadb.org/mariadb/+releases/ | ||
| 2 | https://mariadb.com/wp-content/uploads/2019/07/mariadb-engineering-policies-v2-01_policy_1036.pdf | ||
| 3 | https://mariadb.com/downloads/ | ||
| 4 | https://mariadb.com/kb/en/mariadb-server/ |
| No | Name | Latest Version | Release date | Initial release | Normal Support | Security Support Service Pack Support |
Extended for a fee |
Critical | High | Medium | Low |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 11 | MariaDB 11.2 | 11.2.6 | Nov. 1, 2024 | June 20, 2023 | 0 | 0 | 0 | 0 | |||
| 12 | MariaDB 11.1 | 11.1.6 | Aug. 8, 2024 | March 27, 2023 | 0 | 0 | 0 | 0 | |||
| 13 | MariaDB 11.0 | 11.0.6 | May 16, 2024 | Dec. 27, 2022 | June 30, 2024 | 0 | 0 | 0 | 0 | ||
| 14 | MariaDB 10.11 | 10.11.13 | May 22, 2025 | Sept. 26, 2022 | Feb. 28, 2028 | 0 | 0 | 1 | 0 | ||
| 15 | MariaDB 10.10 | 10.10.7 | Nov. 13, 2023 | June 21, 2022 | Nov. 30, 2023 | 0 | 0 | 1 | 0 | ||
| 16 | MariaDB 10.9 | 10.9.8 | Aug. 14, 2023 | March 23, 2022 | 0 | 7 | 2 | 0 | |||
| 17 | MariaDB 10.8 | 10.8.8 | May 10, 2023 | Dec. 21, 2021 | 0 | 14 | 2 | 0 | |||
| 18 | MariaDB 10.7 | 10.7.8 | Feb. 6, 2023 | Sept. 17, 2021 | Feb. 28, 2023 | 0 | 40 | 10 | 0 | ||
| 19 | MariaDB 10.6 | 10.6.22 | May 6, 2025 | April 26, 2021 | June 30, 2026 | 0 | 41 | 20 | 0 | ||
| 20 | MariaDB 10.5 | 10.5.29 | May 6, 2025 | Dec. 3, 2019 | June 24, 2025 | 1 | 43 | 30 | 0 | ||
| 21 | MariaDB 10.4 | 10.4.34 | May 16, 2024 | July 2, 2019 | July 2, 2022 | 1 | 44 | 46 | 2 | ||
| 22 | MariaDB 10.3 | 10.3.39 | May 10, 2023 | May 25, 2018 | May 25, 2023 | 2 | 35 | 63 | 3 | ||
| 23 | MariaDB 10.2 | 10.2.44 | May 20, 2022 | May 23, 2017 | May 23, 2022 | 2 | 31 | 99 | 6 | ||
| 24 | MariaDB 10.1 | 10.1.48 | Nov. 3, 2020 | Oct. 17, 2015 | Oct. 17, 2020 | 3 | 19 | 115 | 21 | ||
| 25 | MariaDB 5.3 | 5.3.9 | Jan. 1, 2000 | 0 | 10 | 23 | 1 | ||||
| 26 | MariaDB 5.2 | 5.2.9 | Jan. 1, 2000 | 0 | 10 | 23 | 1 | ||||
| 27 | MariaDB 5.1 | 5.1.67 | Jan. 1, 2000 | 0 | 13 | 34 | 5 | ||||
| 28 | MariaDB 2.5 | 2.5.1 | Jan. 1, 2000 | 0 | 10 | 7 | 1 | ||||
| 29 | MariaDB 2.4 | 2.4.2 | Jan. 1, 2000 | 0 | 10 | 7 | 1 | ||||
| 30 | MariaDB 2.3 | 2.3.1 | Jan. 1, 2000 | 0 | 10 | 7 | 1 | ||||
| 31 | MariaDB 2.2 | 2.2.0 | Jan. 1, 2000 | 0 | 10 | 7 | 1 | ||||
| 32 | MariaDB 2.1 | 2.13.0 | Jan. 1, 2000 | 0 | 11 | 7 | 1 | ||||
| 33 | MariaDB 2.0 | 2.0.5 | Jan. 1, 2000 | 0 | 10 | 7 | 1 | ||||
| 34 | MariaDB 1.0 | 1.0.2 | Jan. 1, 2000 | 0 | 10 | 7 | 1 | ||||
| 35 | MariaDB 0.7 | 0.7.0 | Jan. 1, 2000 | 0 | 10 | 7 | 1 |
| No | CVSS3 CVSS2 |
Level Attach Vector |
Title | CWE | CVE | cpe23Uri | or higher | or less | more than | less than | Update date Published date |
Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 11 |
7.5 5.0 |
HIGH
Network |
MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component sub_select. |
NVD-CWE-noinfo
|
CVE-2022-32084 | cpe:2.3:a:mariadb:mariadb:*:* |
10.3.0 10.4.0 10.5.0 10.6.0 10.7.0 10.8.0 10.9.0 |
|
|
10.3.36 10.4.26 10.5.17 10.6.9 10.7.5 10.8.4 10.9.2 |
2024-11-21 16:05 2022-07-2 |
Show | GitHub Exploit DB Packet Storm |
| 12 |
7.5 5.0 |
HIGH
Network |
MariaDB v10.2 to v10.6.1 was discovered to contain a segmentation fault via the component Item_subselect::init_expr_cache_tracker. |
NVD-CWE-noinfo
|
CVE-2022-32083 | cpe:2.3:a:mariadb:mariadb:*:* |
10.3.0 10.7.0 10.4.0 10.5.0 10.6.0 10.2.0 |
|
|
10.3.35 10.7.4 10.4.25 10.5.16 10.6.8 10.2.44 |
2024-11-21 16:05 2022-07-2 |
Show | GitHub Exploit DB Packet Storm |
| 13 |
7.5 5.0 |
HIGH
Network |
MariaDB v10.5 to v10.7 was discovered to contain an assertion failure at table->get_ref_count() == 0 in dict0dict.cc. |
CWE-617
Reachable Assertion |
CVE-2022-32082 | cpe:2.3:a:mariadb:mariadb:*:* |
10.5.0 10.6.0 10.7.0 10.8.0 10.9.0 |
|
|
10.5.17 10.6.9 10.7.5 10.8.4 10.9.2 |
2024-11-21 16:05 2022-07-2 |
Show | GitHub Exploit DB Packet Storm |
| 14 |
7.5 7.5 |
HIGH
Network |
MariaDB v10.4 to v10.7 was discovered to contain an use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc. |
CWE-416
Use After Free |
CVE-2022-32081 | cpe:2.3:a:mariadb:mariadb:*:* |
10.4.0 10.5.0 10.6.0 10.7.0 10.8.0 10.9.0 |
|
|
10.4.26 10.5.17 10.6.9 10.7.5 10.8.4 10.9.2 |
2024-11-21 16:05 2022-07-2 |
Show | GitHub Exploit DB Packet Storm |
| 15 |
5.5 2.1 |
MEDIUM
Local |
MariaDB Server before 10.7 is vulnerable to Denial of Service. While executing the plugin/server_audit/server_audit.c method log_statement_ex, the held lock lock_bigbuffer is not released correctly, … |
CWE-667
Improper Locking |
CVE-2022-31624 | cpe:2.3:a:mariadb:mariadb:*:* |
10.3.0 10.4.0 10.5.0 10.6.0 |
|
|
10.2.41 10.3.32 10.4.22 10.5.13 10.6.5 |
2024-11-21 16:04 2022-05-26 |
Show | GitHub Exploit DB Packet Storm |
| 16 |
5.5 2.1 |
MEDIUM
Local |
MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (i.e., going to the err label) while executing the method create_worker_thread… |
CWE-667
Improper Locking |
CVE-2022-31623 | cpe:2.3:a:mariadb:mariadb:*:* |
10.3.0 10.4.0 10.5.0 10.7.0 10.6.0 |
|
|
10.3.33 10.4.23 10.5.14 10.7.2 10.6.6 10.2.42 |
2024-11-21 16:04 2022-05-26 |
Show | GitHub Exploit DB Packet Storm |
| 17 |
5.5 2.1 |
MEDIUM
Local |
MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (pthread_create returns a nonzero value) while executing the method create_wor… |
CWE-667
Improper Locking |
CVE-2022-31622 | cpe:2.3:a:mariadb:mariadb:*:* |
10.3.0 10.4.0 10.5.0 10.7.0 10.6.0 |
|
|
10.3.33 10.4.23 10.5.14 10.7.2 10.6.6 10.2.42 |
2024-11-21 16:04 2022-05-26 |
Show | GitHub Exploit DB Packet Storm |
| 18 |
5.5 2.1 |
MEDIUM
Local |
MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_xbstream.cc, when an error occurs (stream_ctxt->dest_file == NULL) while executing the method xbstream_open, the… |
CWE-667
Improper Locking |
CVE-2022-31621 | cpe:2.3:a:mariadb:mariadb:*:* |
10.3.0 10.4.0 10.5.0 10.6.0 |
|
|
10.2.41 10.3.32 10.4.22 10.5.13 10.6.5 |
2024-11-21 16:04 2022-05-26 |
Show | GitHub Exploit DB Packet Storm |
| 19 |
4.4 2.1 |
MEDIUM
Network |
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allow… |
NVD-CWE-noinfo
|
CVE-2022-21451 | cpe:2.3:a:mariadb:mariadb:*:* |
10.5.0 10.2.0 10.3.0 10.4.0 |
|
|
10.5.10 10.2.38 10.3.29 10.4.19 |
2024-11-21 15:44 2022-04-20 |
Show | GitHub Exploit DB Packet Storm |
| 20 |
4.9 4.0 |
MEDIUM
Network |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Easily exploitable vulnerability al… |
NVD-CWE-noinfo
|
CVE-2022-21427 | cpe:2.3:a:mariadb:mariadb:*:* |
10.5.0 10.3.0 10.4.0 10.2.0 |
|
|
10.5.7 10.3.35 10.4.25 10.2.44 |
2024-11-21 15:44 2022-04-20 |
Show | GitHub Exploit DB Packet Storm |