| MariaDB Server | Number Of NVD | 399 | CRITICAL | 3 | HIGH | 70 | MEDIUM | 277 | LOW | 49 |
| URL | https://mariadb.org/ | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Explanation | It is a relational database management system (RDBMS) derived from MySQL. Paid support is available for MariaDB Enterprise Server. Since many Linux distributions have replaced MySQL with MariaDB, it is now easier to use on Linux. It has become one of the open source combinations called LAMP (Linux, Apache, MySQL [MariaDB], PHP). |
||||||||
| Tag | |||||||||
| No | Type | Name | URL |
|---|---|---|---|
| 1 | https://downloads.mariadb.org/mariadb/+releases/ | ||
| 2 | https://mariadb.com/wp-content/uploads/2019/07/mariadb-engineering-policies-v2-01_policy_1036.pdf | ||
| 3 | https://mariadb.com/downloads/ | ||
| 4 | https://mariadb.com/kb/en/mariadb-server/ |
| No | Name | Latest Version | Release date | Initial release | Normal Support | Security Support Service Pack Support |
Extended for a fee |
Critical | High | Medium | Low |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 51 | MariaDB 11.2 | 11.2.6 | Nov. 1, 2024 | June 20, 2023 | 0 | 0 | 0 | 0 | |||
| 52 | MariaDB 11.1 | 11.1.6 | Aug. 8, 2024 | March 27, 2023 | 0 | 0 | 0 | 0 | |||
| 53 | MariaDB 11.0 | 11.0.6 | May 16, 2024 | Dec. 27, 2022 | June 30, 2024 | 0 | 0 | 0 | 0 | ||
| 54 | MariaDB 10.11 | 10.11.13 | May 22, 2025 | Sept. 26, 2022 | Feb. 28, 2028 | 0 | 0 | 1 | 0 | ||
| 55 | MariaDB 10.10 | 10.10.7 | Nov. 13, 2023 | June 21, 2022 | Nov. 30, 2023 | 0 | 0 | 1 | 0 | ||
| 56 | MariaDB 10.9 | 10.9.8 | Aug. 14, 2023 | March 23, 2022 | 0 | 7 | 2 | 0 | |||
| 57 | MariaDB 10.8 | 10.8.8 | May 10, 2023 | Dec. 21, 2021 | 0 | 14 | 2 | 0 | |||
| 58 | MariaDB 10.7 | 10.7.8 | Feb. 6, 2023 | Sept. 17, 2021 | Feb. 28, 2023 | 0 | 40 | 10 | 0 | ||
| 59 | MariaDB 10.6 | 10.6.22 | May 6, 2025 | April 26, 2021 | June 30, 2026 | 0 | 41 | 20 | 0 | ||
| 60 | MariaDB 10.5 | 10.5.29 | May 6, 2025 | Dec. 3, 2019 | June 24, 2025 | 1 | 43 | 30 | 0 | ||
| 61 | MariaDB 10.4 | 10.4.34 | May 16, 2024 | July 2, 2019 | July 2, 2022 | 1 | 44 | 46 | 2 | ||
| 62 | MariaDB 10.3 | 10.3.39 | May 10, 2023 | May 25, 2018 | May 25, 2023 | 2 | 35 | 63 | 3 | ||
| 63 | MariaDB 10.2 | 10.2.44 | May 20, 2022 | May 23, 2017 | May 23, 2022 | 2 | 31 | 99 | 6 | ||
| 64 | MariaDB 10.1 | 10.1.48 | Nov. 3, 2020 | Oct. 17, 2015 | Oct. 17, 2020 | 3 | 19 | 115 | 21 | ||
| 65 | MariaDB 5.3 | 5.3.9 | Jan. 1, 2000 | 0 | 10 | 23 | 1 | ||||
| 66 | MariaDB 5.2 | 5.2.9 | Jan. 1, 2000 | 0 | 10 | 23 | 1 | ||||
| 67 | MariaDB 5.1 | 5.1.67 | Jan. 1, 2000 | 0 | 13 | 34 | 5 | ||||
| 68 | MariaDB 2.5 | 2.5.1 | Jan. 1, 2000 | 0 | 10 | 7 | 1 | ||||
| 69 | MariaDB 2.4 | 2.4.2 | Jan. 1, 2000 | 0 | 10 | 7 | 1 | ||||
| 70 | MariaDB 2.3 | 2.3.1 | Jan. 1, 2000 | 0 | 10 | 7 | 1 | ||||
| 71 | MariaDB 2.2 | 2.2.0 | Jan. 1, 2000 | 0 | 10 | 7 | 1 | ||||
| 72 | MariaDB 2.1 | 2.13.0 | Jan. 1, 2000 | 0 | 11 | 7 | 1 | ||||
| 73 | MariaDB 2.0 | 2.0.5 | Jan. 1, 2000 | 0 | 10 | 7 | 1 | ||||
| 74 | MariaDB 1.0 | 1.0.2 | Jan. 1, 2000 | 0 | 10 | 7 | 1 | ||||
| 75 | MariaDB 0.7 | 0.7.0 | Jan. 1, 2000 | 0 | 10 | 7 | 1 |
| No | CVSS3 CVSS2 |
Level Attach Vector |
Title | CWE | CVE | cpe23Uri | or higher | or less | more than | less than | Update date Published date |
Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 51 |
5.5 2.1 |
MEDIUM
Local |
MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements that improperly interact with storage-engine resource limitations for temporary data structures. |
CWE-400
Uncontrolled Resource Consumption |
CVE-2021-46668 | cpe:2.3:a:mariadb:mariadb:*:* |
10.7.0 10.6.0 10.5.0 10.4.0 10.3.0 10.2.0 |
|
|
10.7.3 10.6.7 10.5.15 10.4.24 10.3.34 10.2.43 |
2024-11-21 15:34 2022-02-1 |
Show | GitHub Exploit DB Packet Storm |
| 52 |
5.5 2.1 |
MEDIUM
Local |
MariaDB before 10.6.5 has a sql_lex.cc integer overflow, leading to an application crash. |
CWE-190
Integer Overflow or Wraparound |
CVE-2021-46667 | cpe:2.3:a:mariadb:mariadb:*:* |
10.3.0 10.4.0 10.5.0 10.6.0 |
|
|
10.2.41 10.3.32 10.4.22 10.5.13 10.6.5 |
2024-11-21 15:34 2022-02-1 |
Show | GitHub Exploit DB Packet Storm |
| 53 |
5.5 2.1 |
MEDIUM
Local |
MariaDB before 10.6.2 allows an application crash because of mishandling of a pushdown from a HAVING clause to a WHERE clause. |
CWE-617
Reachable Assertion |
CVE-2021-46666 | cpe:2.3:a:mariadb:mariadb:*:* |
10.3.0 10.4.0 10.5.0 10.6.0 |
|
|
10.2.39 10.3.30 10.4.20 10.5.11 10.6.2 |
2024-11-21 15:34 2022-02-1 |
Show | GitHub Exploit DB Packet Storm |
| 54 |
5.5 2.1 |
MEDIUM
Local |
MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations. |
NVD-CWE-noinfo
|
CVE-2021-46665 | cpe:2.3:a:mariadb:mariadb:*:* |
10.7.0 10.6.0 10.5.0 10.4.0 10.3.0 10.2.0 |
|
|
10.7.3 10.6.7 10.5.15 10.4.24 10.3.34 10.2.43 |
2024-11-21 15:34 2022-02-1 |
Show | GitHub Exploit DB Packet Storm |
| 55 |
5.5 2.1 |
MEDIUM
Local |
MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL value of aggr. |
CWE-476
NULL Pointer Dereference |
CVE-2021-46664 | cpe:2.3:a:mariadb:mariadb:*:* |
10.7.0 10.6.0 10.5.0 10.4.0 10.3.0 10.2.0 |
|
|
10.7.3 10.6.7 10.5.15 10.4.24 10.3.34 10.2.43 |
2024-11-21 15:34 2022-02-1 |
Show | GitHub Exploit DB Packet Storm |
| 56 |
5.5 2.1 |
MEDIUM
Local |
MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain SELECT statements. |
NVD-CWE-noinfo
|
CVE-2021-46663 | cpe:2.3:a:mariadb:mariadb:*:* |
10.7.0 10.6.0 10.4.22 10.3.32 10.2.41 10.5.9 |
|
|
10.7.3 10.6.7 10.4.24 10.3.34 10.2.43 10.5.15 |
2024-11-21 15:34 2022-02-1 |
Show | GitHub Exploit DB Packet Storm |
| 57 |
5.5 2.1 |
MEDIUM
Local |
MariaDB through 10.5.9 allows a set_var.cc application crash via certain uses of an UPDATE statement in conjunction with a nested subquery. |
NVD-CWE-noinfo
|
CVE-2021-46662 | cpe:2.3:a:mariadb:mariadb:*:* |
10.3.0 10.4.0 10.5.0 10.6.0 |
|
|
10.3.32 10.4.22 10.5.13 10.6.5 |
2024-11-21 15:34 2022-02-1 |
Show | GitHub Exploit DB Packet Storm |
| 58 |
5.5 2.1 |
MEDIUM
Local |
MariaDB through 10.5.9 allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expression (CTE). |
NVD-CWE-noinfo
|
CVE-2021-46661 | cpe:2.3:a:mariadb:mariadb:*:* |
10.7.0 10.6.0 10.5.0 10.4.0 10.3.0 10.2.0 |
|
|
10.7.3 10.6.7 10.5.15 10.4.24 10.3.34 10.2.43 |
2024-11-21 15:34 2022-02-1 |
Show | GitHub Exploit DB Packet Storm |
| 59 |
5.5 2.1 |
MEDIUM
Local |
MariaDB before 10.7.2 allows an application crash because it does not recognize that SELECT_LEX::nest_level is local to each VIEW. |
NVD-CWE-noinfo
|
CVE-2021-46659 | cpe:2.3:a:mariadb:mariadb:*:* |
5.5.0 10.3.0 10.4.0 10.5.0 10.7.0 10.6.0 |
|
|
10.2.42 10.3.33 10.4.23 10.5.14 10.7.2 10.6.6 |
2024-11-21 15:34 2022-01-30 |
Show | GitHub Exploit DB Packet Storm |
| 60 |
5.5 2.1 |
MEDIUM
Local |
save_window_function_values in MariaDB before 10.6.3 allows an application crash because of incorrect handling of with_window_func=true for a subquery. |
NVD-CWE-noinfo
|
CVE-2021-46658 | cpe:2.3:a:mariadb:mariadb:*:* |
10.2.0 10.3.0 10.4.0 10.5.0 10.6.0 |
|
|
10.2.40 10.3.31 10.4.21 10.5.12 10.6.3 |
2024-11-21 15:34 2022-01-30 |
Show | GitHub Exploit DB Packet Storm |