MariaDB 11.4.1 < 11.4.10 DoS

The version of MariaDB installed on the remote host is prior to 11.4.10. It is, therefore, affected by a vulnerability as referenced in the GHSA-4rj5-2227-9wgc advisory. - MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before...

CVE-2026-35549

An issue was discovered in MariaDB Server before 11.4.10, 11.5.x through 11.8.x before 11.8.6, and 12.x before 12.2.2. If the cachingsha2password authentication plugin is installed, and some user accounts are configured to use it, a large packet can crash the server because sha256cryptr uses allo...

DEBIAN-CVE-2026-32710

MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in JSONSCHEMAVALID function. Under certain conditions it might be possible to turn the crash into a remote code execution. These...

CVE-2026-32710

MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in JSONSCHEMAVALID function. Under certain conditions it might be possible to turn the crash into a remote code execution. These...

CVE-2026-32710

MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in JSONSCHEMAVALID function. Under certain conditions it might be possible to turn the crash into a remote code execution. These...

CVE-2026-32710

MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in JSONSCHEMAVALID function. Under certain conditions it might be possible to turn the crash into a remote code execution. These...

CVE-2026-32710 Heap-based Buffer Overflow in MariaDB

MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in JSONSCHEMAVALID function. Under certain conditions it might be possible to turn the crash into a remote code execution. These...

PT-2026-26661

Name of the Vulnerable Software and Affected Versions MariaDB versions 11.4 prior to 11.4.10 MariaDB versions 11.8 prior to 11.8.6 Description An authenticated user can cause a server crash due to a buffer overflow in dynamic memory heap out-of-bounds write within the JSON SCHEMA VALID function...

GitLab Directory Traversal Vulnerability (CVE-2018-19856)

GitLab is prone to a directory traversal vulnerability in the Templates API. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

OpenAsset Digital Asset Management Insecure Direct Object Reference

Title: Missing access controls Product: OpenAsset Digital Asset Management by OpenAsset Vendor Homepage: https://www.openasset.com/ Vulnerable Version: 12.0.19 Cloud 11.2.1 On-premise Fixed Version: 12.0.22 Cloud 11.4.10 On-premise CVE Number: CVE-2020-28861 Author: Jack Misiura from The Missing...

CVE-2018-19856

CVE-2018-19856 affects GitLab CE/EE with directory traversal in the Templates API. Affected versions: GitLab CE/EE before 11.3.12, 11.4.x before 11.4.10, and 11.5.x before 11.5.3. Root cause is a directory traversal vulnerability in the Templates API that could expose sensitive data. CVSS metrics...