Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
MariaDB Server Number Of NVD 399 CRITICAL 3 HIGH 70 MEDIUM 277 LOW 49
URL https://mariadb.org/
Explanation It is a relational database management system (RDBMS) derived from MySQL.
Paid support is available for MariaDB Enterprise Server.
Since many Linux distributions have replaced MySQL with MariaDB, it is now easier to use on Linux.

It has become one of the open source combinations called LAMP (Linux, Apache, MySQL [MariaDB], PHP).
Tag
  • 商用ライセンス有り
  • オープンソース
  • GPL v2
Add Information URL
No Type Name URL
1 https://downloads.mariadb.org/mariadb/+releases/
2 https://mariadb.com/wp-content/uploads/2019/07/mariadb-engineering-policies-v2-01_policy_1036.pdf
3 https://mariadb.com/downloads/
4 https://mariadb.com/kb/en/mariadb-server/
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
301 MariaDB 11.2 11.2.6 Nov. 1, 2024 June 20, 2023 0 0 0 0
302 MariaDB 11.1 11.1.6 Aug. 8, 2024 March 27, 2023 0 0 0 0
303 MariaDB 11.0 11.0.6 May 16, 2024 Dec. 27, 2022 June 30, 2024 0 0 0 0
304 MariaDB 10.11 10.11.13 May 22, 2025 Sept. 26, 2022 Feb. 28, 2028 0 0 1 0
305 MariaDB 10.10 10.10.7 Nov. 13, 2023 June 21, 2022 Nov. 30, 2023 0 0 1 0
306 MariaDB 10.9 10.9.8 Aug. 14, 2023 March 23, 2022 0 7 2 0
307 MariaDB 10.8 10.8.8 May 10, 2023 Dec. 21, 2021 0 14 2 0
308 MariaDB 10.7 10.7.8 Feb. 6, 2023 Sept. 17, 2021 Feb. 28, 2023 0 40 10 0
309 MariaDB 10.6 10.6.22 May 6, 2025 April 26, 2021 June 30, 2026 0 41 20 0
310 MariaDB 10.5 10.5.29 May 6, 2025 Dec. 3, 2019 June 24, 2025 1 43 30 0
311 MariaDB 10.4 10.4.34 May 16, 2024 July 2, 2019 July 2, 2022 1 44 46 2
312 MariaDB 10.3 10.3.39 May 10, 2023 May 25, 2018 May 25, 2023 2 35 63 3
313 MariaDB 10.2 10.2.44 May 20, 2022 May 23, 2017 May 23, 2022 2 31 99 6
314 MariaDB 10.1 10.1.48 Nov. 3, 2020 Oct. 17, 2015 Oct. 17, 2020 3 19 115 21
315 MariaDB 5.3 5.3.9 Jan. 1, 2000 0 10 23 1
316 MariaDB 5.2 5.2.9 Jan. 1, 2000 0 10 23 1
317 MariaDB 5.1 5.1.67 Jan. 1, 2000 0 13 34 5
318 MariaDB 2.5 2.5.1 Jan. 1, 2000 0 10 7 1
319 MariaDB 2.4 2.4.2 Jan. 1, 2000 0 10 7 1
320 MariaDB 2.3 2.3.1 Jan. 1, 2000 0 10 7 1
321 MariaDB 2.2 2.2.0 Jan. 1, 2000 0 10 7 1
322 MariaDB 2.1 2.13.0 Jan. 1, 2000 0 11 7 1
323 MariaDB 2.0 2.0.5 Jan. 1, 2000 0 10 7 1
324 MariaDB 1.0 1.0.2 Jan. 1, 2000 0 10 7 1
325 MariaDB 0.7 0.7.0 Jan. 1, 2000 0 10 7 1
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
301 -
4.3 		MEDIUM The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows … CWE-476
 NULL Pointer Dereference 		CVE-2014-0198 cpe:2.3:a:mariadb:mariadb:*:* 10.0.0 10.0.13 2024-11-21 11:01
2014-05-6 		Show GitHub Exploit DB Packet Storm
302 -
5.1 		MEDIUM Unspecified vulnerability in the MySQL Client component in Oracle MySQL 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect confidentiality, integrity, and availability via un… NVD-CWE-noinfo
CVE-2014-2440 cpe:2.3:a:mariadb:mariadb:*:* 5.5.0
10.0.0

5.5.37
10.0.11 		2024-11-21 11:06
2014-04-16 		Show GitHub Exploit DB Packet Storm
303 -
3.5 		LOW Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication. NVD-CWE-noinfo
CVE-2014-2438 cpe:2.3:a:mariadb:mariadb:*:* 5.5.0
10.0.0

5.5.36
10.0.9 		2024-11-21 11:06
2014-04-16 		Show GitHub Exploit DB Packet Storm
304 -
6.5 		MEDIUM Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related… NVD-CWE-noinfo
CVE-2014-2436 cpe:2.3:a:mariadb:mariadb:*:* 5.5.0
10.0.0

5.5.37
10.0.11 		2024-11-21 11:06
2014-04-16 		Show GitHub Exploit DB Packet Storm
305 -
2.8 		LOW Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated. NVD-CWE-noinfo
CVE-2014-2432 cpe:2.3:a:mariadb:mariadb:*:* 5.5.0
10.0.0

5.5.36
10.0.9 		2024-11-21 11:06
2014-04-16 		Show GitHub Exploit DB Packet Storm
306 -
2.6 		LOW Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect availability via unknown vectors related to Options. NVD-CWE-noinfo
CVE-2014-2431 cpe:2.3:a:mariadb:mariadb:*:* 5.5.0
10.0.0

5.5.37
10.0.11 		2024-11-21 11:06
2014-04-16 		Show GitHub Exploit DB Packet Storm
307 -
3.5 		LOW Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema. NVD-CWE-noinfo
CVE-2014-2430 cpe:2.3:a:mariadb:mariadb:*:* 5.5.0
10.0.0

5.5.37
10.0.11 		2024-11-21 11:06
2014-04-16 		Show GitHub Exploit DB Packet Storm
308 -
4.0 		MEDIUM Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition. NVD-CWE-noinfo
CVE-2014-2419 cpe:2.3:a:mariadb:mariadb:*:* 5.5.0
10.0.0

5.5.36
10.0.9 		2024-11-21 11:06
2014-04-16 		Show GitHub Exploit DB Packet Storm
309 -
4.0 		MEDIUM Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML. NVD-CWE-noinfo
CVE-2014-0384 cpe:2.3:a:mariadb:mariadb:*:* 5.5.0
10.0.0

5.5.36
10.0.9 		2024-11-21 11:01
2014-04-16 		Show GitHub Exploit DB Packet Storm
310 -
4.0 		MEDIUM Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denia… CWE-362
Race Condition 		CVE-2010-5298 cpe:2.3:a:mariadb:mariadb:*:* 10.0.0 10.0.13 2024-11-21 10:22
2014-04-15 		Show GitHub Exploit DB Packet Storm