| MariaDB Server | Number Of NVD | 399 | CRITICAL | 3 | HIGH | 70 | MEDIUM | 277 | LOW | 49 |
| URL | https://mariadb.org/ | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Explanation | It is a relational database management system (RDBMS) derived from MySQL. Paid support is available for MariaDB Enterprise Server. Since many Linux distributions have replaced MySQL with MariaDB, it is now easier to use on Linux. It has become one of the open source combinations called LAMP (Linux, Apache, MySQL [MariaDB], PHP). |
||||||||
| Tag | |||||||||
| No | Type | Name | URL |
|---|---|---|---|
| 1 | https://downloads.mariadb.org/mariadb/+releases/ | ||
| 2 | https://mariadb.com/wp-content/uploads/2019/07/mariadb-engineering-policies-v2-01_policy_1036.pdf | ||
| 3 | https://mariadb.com/downloads/ | ||
| 4 | https://mariadb.com/kb/en/mariadb-server/ |
| No | Name | Latest Version | Release date | Initial release | Normal Support | Security Support Service Pack Support |
Extended for a fee |
Critical | High | Medium | Low |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 31 | MariaDB 11.2 | 11.2.6 | Nov. 1, 2024 | June 20, 2023 | 0 | 0 | 0 | 0 | |||
| 32 | MariaDB 11.1 | 11.1.6 | Aug. 8, 2024 | March 27, 2023 | 0 | 0 | 0 | 0 | |||
| 33 | MariaDB 11.0 | 11.0.6 | May 16, 2024 | Dec. 27, 2022 | June 30, 2024 | 0 | 0 | 0 | 0 | ||
| 34 | MariaDB 10.11 | 10.11.13 | May 22, 2025 | Sept. 26, 2022 | Feb. 28, 2028 | 0 | 0 | 1 | 0 | ||
| 35 | MariaDB 10.10 | 10.10.7 | Nov. 13, 2023 | June 21, 2022 | Nov. 30, 2023 | 0 | 0 | 1 | 0 | ||
| 36 | MariaDB 10.9 | 10.9.8 | Aug. 14, 2023 | March 23, 2022 | 0 | 7 | 2 | 0 | |||
| 37 | MariaDB 10.8 | 10.8.8 | May 10, 2023 | Dec. 21, 2021 | 0 | 14 | 2 | 0 | |||
| 38 | MariaDB 10.7 | 10.7.8 | Feb. 6, 2023 | Sept. 17, 2021 | Feb. 28, 2023 | 0 | 40 | 10 | 0 | ||
| 39 | MariaDB 10.6 | 10.6.22 | May 6, 2025 | April 26, 2021 | June 30, 2026 | 0 | 41 | 20 | 0 | ||
| 40 | MariaDB 10.5 | 10.5.29 | May 6, 2025 | Dec. 3, 2019 | June 24, 2025 | 1 | 43 | 30 | 0 | ||
| 41 | MariaDB 10.4 | 10.4.34 | May 16, 2024 | July 2, 2019 | July 2, 2022 | 1 | 44 | 46 | 2 | ||
| 42 | MariaDB 10.3 | 10.3.39 | May 10, 2023 | May 25, 2018 | May 25, 2023 | 2 | 35 | 63 | 3 | ||
| 43 | MariaDB 10.2 | 10.2.44 | May 20, 2022 | May 23, 2017 | May 23, 2022 | 2 | 31 | 99 | 6 | ||
| 44 | MariaDB 10.1 | 10.1.48 | Nov. 3, 2020 | Oct. 17, 2015 | Oct. 17, 2020 | 3 | 19 | 115 | 21 | ||
| 45 | MariaDB 5.3 | 5.3.9 | Jan. 1, 2000 | 0 | 10 | 23 | 1 | ||||
| 46 | MariaDB 5.2 | 5.2.9 | Jan. 1, 2000 | 0 | 10 | 23 | 1 | ||||
| 47 | MariaDB 5.1 | 5.1.67 | Jan. 1, 2000 | 0 | 13 | 34 | 5 | ||||
| 48 | MariaDB 2.5 | 2.5.1 | Jan. 1, 2000 | 0 | 10 | 7 | 1 | ||||
| 49 | MariaDB 2.4 | 2.4.2 | Jan. 1, 2000 | 0 | 10 | 7 | 1 | ||||
| 50 | MariaDB 2.3 | 2.3.1 | Jan. 1, 2000 | 0 | 10 | 7 | 1 | ||||
| 51 | MariaDB 2.2 | 2.2.0 | Jan. 1, 2000 | 0 | 10 | 7 | 1 | ||||
| 52 | MariaDB 2.1 | 2.13.0 | Jan. 1, 2000 | 0 | 11 | 7 | 1 | ||||
| 53 | MariaDB 2.0 | 2.0.5 | Jan. 1, 2000 | 0 | 10 | 7 | 1 | ||||
| 54 | MariaDB 1.0 | 1.0.2 | Jan. 1, 2000 | 0 | 10 | 7 | 1 | ||||
| 55 | MariaDB 0.7 | 0.7.0 | Jan. 1, 2000 | 0 | 10 | 7 | 1 |
| No | CVSS3 CVSS2 |
Level Attach Vector |
Title | CWE | CVE | cpe23Uri | or higher | or less | more than | less than | Update date Published date |
Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 31 |
7.5 5.0 |
HIGH
Network |
MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_subselect.cc. |
NVD-CWE-noinfo
|
CVE-2022-27444 | cpe:2.3:a:mariadb:mariadb:*:* |
10.7.0 10.4.0 10.5.0 10.6.0 |
|
|
10.7.4 10.4.25 10.5.16 10.6.8 |
2024-11-21 15:55 2022-04-14 |
Show | GitHub Exploit DB Packet Storm |
| 32 |
7.5 5.0 |
HIGH
Network |
MariaDB Server v10.7 and below was discovered to contain a global buffer overflow in the component decimal_bin_size, which is exploited via specially crafted SQL statements. |
CWE-120
Classic Buffer Overflow |
CVE-2022-27387 | cpe:2.3:a:mariadb:mariadb:*:* |
10.3.0 10.7.0 10.4.0 10.5.0 10.6.0 10.2.0 |
|
|
10.3.35 10.7.4 10.4.25 10.5.16 10.6.8 10.2.44 |
2024-11-21 15:55 2022-04-13 |
Show | GitHub Exploit DB Packet Storm |
| 33 |
7.5 5.0 |
HIGH
Network |
MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component sql/sql_class.cc. |
CWE-89
SQL Injection |
CVE-2022-27386 | cpe:2.3:a:mariadb:mariadb:*:* |
10.5.0 10.6.0 10.2.0 10.3.0 10.7.0 10.4.0 |
|
|
10.5.16 10.6.8 10.2.44 10.3.35 10.7.4 10.4.25 |
2024-11-21 15:55 2022-04-13 |
Show | GitHub Exploit DB Packet Storm |
| 34 |
7.5 5.0 |
HIGH
Network |
An issue in the component Used_tables_and_const_cache::used_tables_and_const_cache_join of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service (DoS) via spec… |
CWE-89
SQL Injection |
CVE-2022-27385 | cpe:2.3:a:mariadb:mariadb:*:* |
10.4.0 10.5.0 10.6.0 |
|
|
10.4.22 10.5.13 10.6.5 10.3.32 |
2024-11-21 15:55 2022-04-13 |
Show | GitHub Exploit DB Packet Storm |
| 35 |
7.5 5.0 |
HIGH
Network |
An issue in the component Item_subselect::init_expr_cache_tracker of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL stat… |
CWE-89
SQL Injection |
CVE-2022-27384 | cpe:2.3:a:mariadb:mariadb:*:* |
10.3.0 10.7.0 10.4.0 10.5.0 10.6.0 10.2.0 10.8.0 |
|
|
10.3.35 10.7.4 10.4.25 10.5.16 10.6.8 10.2.44 10.8.3 |
2024-11-21 15:55 2022-04-13 |
Show | GitHub Exploit DB Packet Storm |
| 36 |
7.5 5.0 |
HIGH
Network |
MariaDB Server v10.6 and below was discovered to contain an use-after-free in the component my_strcasecmp_8bit, which is exploited via specially crafted SQL statements. |
CWE-416
Use After Free |
CVE-2022-27383 | cpe:2.3:a:mariadb:mariadb:*:* |
10.3.0 10.7.0 10.4.0 10.5.0 10.6.0 10.2.0 10.8.0 |
|
|
10.3.35 10.7.4 10.4.25 10.5.16 10.6.8 10.2.44 10.8.3 |
2024-11-21 15:55 2022-04-13 |
Show | GitHub Exploit DB Packet Storm |
| 37 |
7.5 5.0 |
HIGH
Network |
MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component Item_field::used_tables/update_depend_map_for_order. |
CWE-617
Reachable Assertion |
CVE-2022-27382 | cpe:2.3:a:mariadb:mariadb:*:* |
10.7.0 10.4.0 10.5.0 10.6.0 |
|
|
10.7.4 10.4.25 10.5.16 10.6.8 |
2024-11-21 15:55 2022-04-13 |
Show | GitHub Exploit DB Packet Storm |
| 38 |
7.5 5.0 |
HIGH
Network |
An issue in the component Field::set_default of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. |
CWE-89
SQL Injection |
CVE-2022-27381 | cpe:2.3:a:mariadb:mariadb:*:* |
10.3.0 10.7.0 10.4.0 10.5.0 10.6.0 10.2.0 |
|
|
10.3.35 10.7.4 10.4.25 10.5.16 10.6.8 10.2.44 |
2024-11-21 15:55 2022-04-13 |
Show | GitHub Exploit DB Packet Storm |
| 39 |
7.5 5.0 |
HIGH
Network |
An issue in the component my_decimal::operator= of MariaDB Server v10.6.3 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. |
CWE-89
SQL Injection |
CVE-2022-27380 | cpe:2.3:a:mariadb:mariadb:*:* |
10.3.0 10.7.0 10.4.0 10.5.0 10.6.0 10.2.0 |
|
|
10.3.35 10.7.4 10.4.25 10.5.16 10.6.8 10.2.44 |
2024-11-21 15:55 2022-04-13 |
Show | GitHub Exploit DB Packet Storm |
| 40 |
7.5 5.0 |
HIGH
Network |
An issue in the component Arg_comparator::compare_real_fixed of MariaDB Server v10.6.2 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL stateme… |
CWE-89
SQL Injection |
CVE-2022-27379 | cpe:2.3:a:mariadb:mariadb:*:* |
10.3.0 10.7.0 10.4.0 10.5.0 10.6.0 |
|
|
10.3.35 10.7.4 10.4.25 10.5.16 10.6.8 |
2024-11-21 15:55 2022-04-13 |
Show | GitHub Exploit DB Packet Storm |