CBL Mariner 2.0 Security Update: CBL-Mariner Releases (CVE-2025-13699)

The version of CBL-Mariner Releases installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-13699 advisory. - MariaDB mariadb-dump Utility Directory Traversal Remote Code Execution Vulnerability. This...

CVE-2026-22027 CryptoLib Vulnerable to Heap Buffer Overflow in MariaDB SA Hexstring Conversion

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, the converthexstringtobytearray function in th...

CVE-2023-52969 affecting package mariadb for versions less than 10.11.15-1

CVE-2023-52969 affecting package mariadb for versions less than 10.11.15-1. An upgraded version of the package is available that resolves this issue...

OESA-2025-2379 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. QuerySet.annotate, QuerySet.alias, QuerySet.aggregate, and QuerySet.extra are subject to S...

Linux Distros Unpatched Vulnerability : CVE-2023-39593

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insecure permissions in the sysexec function of MariaDB v10.5 allows authenticated attackers to execute arbitrary commands with elevated privileges. NOTE: this ...

SUSE CVE-2023-52968

MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fixfieldsifneeded under mysqlderivedprepare when derived is not yet prepared, leading to a findfieldintable crash...

CVE-2023-52968

Disclaimer: This data contains information about vulnerable...

mariadb: server crash in JOIN_CACHE::free or in copy_fields

MariaDB v10.7 was discovered to contain an use-after-poison in in interceptormemset at /libsanitizer/sanitizercommon/sanitizercommoninterceptors.inc...

mariadb: NULL pointer dereference in spider_db_mbase::print_warnings()

MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spiderdbmbase::printwarnings to dereference a null pointer...

The vulnerability of the scanning and management tools in OpenVAS’s MariaDB database system allows attackers to cause service interruptions.

The vulnerability of the scanning and vulnerability management tool in the OpenVAS database management system, MariaDB, is related to an uncontrolled resource consumption when connected to ports 3306 and 4567. Exploiting this vulnerability could allow a malicious actor to cause service...

SUSE CVE-2013-1861

MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service crash via a crafted geometry feature that specifies a large number o...

SUSE CVE-2021-46663

MariaDB through 10.5.13 allows a hamaria::extra application crash via certain SELECT statements...

SUSE CVE-2021-46665

MariaDB through 10.5.9 allows a sqlparse.cc application crash because of incorrect usedtables expectations...

SUSE CVE-2022-27381

An issue in the component Field::setdefault of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service DoS via specially crafted SQL statements...

SUSE CVE-2022-32085

MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Itemfuncin::cleanup/Item::cleanupprocessor...

mariadb: server crash in component arg_comparator::compare_real_fixed

A flaw was found in MariaDB. The component, Argcomparator::comparerealfixed, allows attackers to cause a denial of service DoS via specially crafted SQL statements, affecting availability...

UBUNTU-CVE-2022-32088

MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Exectimetracker::getloops/Filesorttracker::reportuse/filesort...

CVE-2022-31623

Disclaimer: This data contains information about vulnerable...

ALPINE-CVE-2022-27457

MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component mymbwclatin1 at /strings/ctype-latin1.c...

UBUNTU-CVE-2022-27456

MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component VDec::VDec at /sql/sqltype.cc...