Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
MariaDB Server Number Of NVD 399 CRITICAL 3 HIGH 70 MEDIUM 277 LOW 49
URL https://mariadb.org/
Explanation It is a relational database management system (RDBMS) derived from MySQL.
Paid support is available for MariaDB Enterprise Server.
Since many Linux distributions have replaced MySQL with MariaDB, it is now easier to use on Linux.

It has become one of the open source combinations called LAMP (Linux, Apache, MySQL [MariaDB], PHP).
Tag
  • 商用ライセンス有り
  • オープンソース
  • GPL v2
Add Information URL
No Type Name URL
1 https://downloads.mariadb.org/mariadb/+releases/
2 https://mariadb.com/wp-content/uploads/2019/07/mariadb-engineering-policies-v2-01_policy_1036.pdf
3 https://mariadb.com/downloads/
4 https://mariadb.com/kb/en/mariadb-server/
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
61 MariaDB 11.2 11.2.6 Nov. 1, 2024 June 20, 2023 0 0 0 0
62 MariaDB 11.1 11.1.6 Aug. 8, 2024 March 27, 2023 0 0 0 0
63 MariaDB 11.0 11.0.6 May 16, 2024 Dec. 27, 2022 June 30, 2024 0 0 0 0
64 MariaDB 10.11 10.11.13 May 22, 2025 Sept. 26, 2022 Feb. 28, 2028 0 0 1 0
65 MariaDB 10.10 10.10.7 Nov. 13, 2023 June 21, 2022 Nov. 30, 2023 0 0 1 0
66 MariaDB 10.9 10.9.8 Aug. 14, 2023 March 23, 2022 0 7 2 0
67 MariaDB 10.8 10.8.8 May 10, 2023 Dec. 21, 2021 0 14 2 0
68 MariaDB 10.7 10.7.8 Feb. 6, 2023 Sept. 17, 2021 Feb. 28, 2023 0 40 10 0
69 MariaDB 10.6 10.6.22 May 6, 2025 April 26, 2021 June 30, 2026 0 41 20 0
70 MariaDB 10.5 10.5.29 May 6, 2025 Dec. 3, 2019 June 24, 2025 1 43 30 0
71 MariaDB 10.4 10.4.34 May 16, 2024 July 2, 2019 July 2, 2022 1 44 46 2
72 MariaDB 10.3 10.3.39 May 10, 2023 May 25, 2018 May 25, 2023 2 35 63 3
73 MariaDB 10.2 10.2.44 May 20, 2022 May 23, 2017 May 23, 2022 2 31 99 6
74 MariaDB 10.1 10.1.48 Nov. 3, 2020 Oct. 17, 2015 Oct. 17, 2020 3 19 115 21
75 MariaDB 5.3 5.3.9 Jan. 1, 2000 0 10 23 1
76 MariaDB 5.2 5.2.9 Jan. 1, 2000 0 10 23 1
77 MariaDB 5.1 5.1.67 Jan. 1, 2000 0 13 34 5
78 MariaDB 2.5 2.5.1 Jan. 1, 2000 0 10 7 1
79 MariaDB 2.4 2.4.2 Jan. 1, 2000 0 10 7 1
80 MariaDB 2.3 2.3.1 Jan. 1, 2000 0 10 7 1
81 MariaDB 2.2 2.2.0 Jan. 1, 2000 0 10 7 1
82 MariaDB 2.1 2.13.0 Jan. 1, 2000 0 11 7 1
83 MariaDB 2.0 2.0.5 Jan. 1, 2000 0 10 7 1
84 MariaDB 1.0 1.0.2 Jan. 1, 2000 0 10 7 1
85 MariaDB 0.7 0.7.0 Jan. 1, 2000 0 10 7 1
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
61 5.5
2.1 		MEDIUM
Local 		get_sort_by_table in MariaDB before 10.6.2 allows an application crash via certain subquery uses of ORDER BY. NVD-CWE-noinfo
CVE-2021-46657 cpe:2.3:a:mariadb:mariadb:*:* 10.3.0
10.4.0
10.5.0
10.6.0
5.5.20
10.0.0



5.5.68




10.3.30
10.4.20
10.5.11
10.6.2

10.2.39 		2024-11-21 15:34
2022-01-30 		Show GitHub Exploit DB Packet Storm
62 5.5
5.5 		MEDIUM
Network 		Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.35 and prior and 8.0.26 and prior. Easily exploitable vulnerability allows … NVD-CWE-noinfo
CVE-2021-35604 cpe:2.3:a:mariadb:mariadb:*:* 10.3.0
10.4.0
10.5.0
10.6.0
10.2.0







10.3.32
10.4.22
10.5.13
10.6.3
10.2.41 		2024-11-21 15:12
2021-10-20 		Show GitHub Exploit DB Packet Storm
63 5.9
7.1 		MEDIUM
Network 		Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allow… NVD-CWE-noinfo
CVE-2021-2389 cpe:2.3:a:mariadb:mariadb:*:* 10.2.0
10.3.0
10.4.0
10.5.0
10.6.0







10.2.40
10.3.31
10.4.21
10.5.12
10.6.4 		2024-11-21 15:03
2021-07-22 		Show GitHub Exploit DB Packet Storm
64 4.4
3.5 		MEDIUM
Network 		Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allow… NVD-CWE-noinfo
CVE-2021-2372 cpe:2.3:a:mariadb:mariadb:*:*







10.6.0
10.5.0
10.4.0
10.3.0
10.2.0 		10.6.4
10.5.12
10.4.21
10.3.31
10.2.40 		2024-11-21 15:02
2021-07-22 		Show GitHub Exploit DB Packet Storm
65 9.0
6.8 		CRITICAL
Network 		A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in `wsrep_sst_method` allows for command injection that can be exploited by a remote attacker to execute arbitrary… CWE-77
Command Injection 		CVE-2020-15180 cpe:2.3:a:mariadb:mariadb:*:* 10.5.0
10.4.0
10.1.0
10.2.0
10.3.0







10.5.6
10.4.15
10.1.47
10.2.34
10.3.25 		2024-11-21 14:05
2021-05-28 		Show GitHub Exploit DB Packet Storm
66 4.9
4.0 		MEDIUM
Network 		Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows … NVD-CWE-noinfo
CVE-2021-2194 cpe:2.3:a:mariadb:mariadb:*:* 10.5.0
10.4.0
10.3.0
10.2.0





10.5.7
10.4.16
10.3.26
10.2.35 		2024-11-21 15:02
2021-04-23 		Show GitHub Exploit DB Packet Storm
67 4.9
4.0 		MEDIUM
Network 		Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows … NVD-CWE-noinfo
CVE-2021-2180 cpe:2.3:a:mariadb:mariadb:*:* 10.2.0 10.2.38 2024-11-21 15:02
2021-04-23 		Show GitHub Exploit DB Packet Storm
68 4.4
3.5 		MEDIUM
Network 		Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Difficult to exploit vulnerability allow… NVD-CWE-noinfo
CVE-2021-2174 cpe:2.3:a:mariadb:mariadb:*:* 10.2.0 10.2.18 2024-11-21 15:02
2021-04-23 		Show GitHub Exploit DB Packet Storm
69 4.9
4.0 		MEDIUM
Network 		Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability al… NVD-CWE-noinfo
CVE-2021-2166 cpe:2.3:a:mariadb:mariadb:*:* 10.5.0
10.2.0
10.3.0
10.4.0





10.5.10
10.2.38
10.3.29
10.4.19 		2024-11-21 15:02
2021-04-23 		Show GitHub Exploit DB Packet Storm
70 4.9
4.0 		MEDIUM
Network 		Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.7.33 and prior. Easily exploitable vulnerability allows high privileged … NVD-CWE-noinfo
CVE-2021-2154 cpe:2.3:a:mariadb:mariadb:*:* 10.5.0
10.2.0
10.3.0
10.4.0





10.5.10
10.2.38
10.3.29
10.4.19 		2024-11-21 15:02
2021-04-23 		Show GitHub Exploit DB Packet Storm