
337 matches found

Redos
added 2026/05/24 12:0 a.m. | 12 views

ROS-20260524-73-0043

Vulnerability in mariadb related to security configuration errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVSS 5.3 | AI score 7.1 | EPSS 0.00017
Exploits: 1

Tenable Nessus
added 2026/05/21 12:0 a.m. | 6 views

Unity Linux 20.1070e Security Update: mariadb (UTSA-2026-021672)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021672 advisory. get_sort_by_table in MariaDB before 10.6.2 allows an application crash via certain subquery uses of ORDER BY. Tenable has extracted the preceding description block...

CVSS 5.5 | AI score 6.8 | EPSS 0.00083
Exploits: 1 | References: 4

Tenable Nessus
added 2026/05/21 12:0 a.m. | 5 views

Unity Linux 20.1070e Security Update: mariadb (UTSA-2026-021663)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021663 advisory. MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used. Tenable has extracted the preceding...

CVSS 7.5 | AI score 7.1 | EPSS 0.00472
Exploits: 1 | References: 4

Tenable Nessus
added 2026/05/21 12:0 a.m. | 7 views

Unity Linux 20.1070e Security Update: mariadb (UTSA-2026-021669)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021669 advisory. MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations. Tenable has extracted the preceding description block...

CVSS 5.5 | AI score 6.8 | EPSS 0.00041
Exploits: 1 | References: 4

AstraLinux
added 2026/05/20 5:53 a.m. | 4 views

Astra Linux - vulnerability in mariadb-10.3

It was discovered that MariaDB versions 10.2 to 10.7 contain a segmentation fault due to the subselect component...

CVSS 7.5 | AI score 7.1 | EPSS 0.00206
Exploits: 1 | References: 2

AstraLinux
added 2026/05/20 5:53 a.m. | 2 views

Astra Linux - vulnerability in mariadb-10.3

MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected MariaDB installations. Authentication is required to exploit this vulnerability. The specific flaw resides in the processing ...

CVSS 7.8 | AI score 7.8 | EPSS 0.00064
Exploits: 0 | References: 2

AstraLinux
added 2026/05/20 5:53 a.m. | 0 views

Astra Linux - vulnerability in mariadb-10.3

A vulnerability in the Item_subselect::init_expr_cache_tracker component of MariaDB Server v10.6 and earlier was identified. This vulnerability allows attackers to trigger a Denial of Service (DoS) attack through specially crafted SQL statements...

CVSS 7.5 | AI score 7.2 | EPSS 0.00217
Exploits: 1 | References: 2

AstraLinux
added 2026/05/20 5:53 a.m. | 2 views

Astra Linux - vulnerability in mariadb-10.3

MariaDB version 10.5.13 allows an application crash in ha_maria::extra due to certain SELECT statements...

CVSS 5.5 | AI score 6.8 | EPSS 0.00041
Exploits: 1 | References: 2

AstraLinux
added 2026/05/20 5:53 a.m. | 2 views

Astra Linux - vulnerability in mariadb-10.3

It has been discovered that MariaDB Server v10.6.5 and earlier contain a use-after-free in the Item_args::walk_arg component, which can be exploited through specially crafted SQL statements...

CVSS 7.5 | AI score 7.1 | EPSS 0.00323
Exploits: 1 | References: 2

AstraLinux
added 2026/05/20 5:53 a.m. | 1 views

Astra Linux – Vulnerability in Mariadb 10.3

MariaDB version 10.5.9 allows an application crash in the find_field_in_tables and find_order_in_list functions due to an unused common table expression (CTE)...

CVSS 5.5 | AI score 6.8 | EPSS 0.00041
Exploits: 1 | References: 2

AstraLinux
added 2026/05/20 5:53 a.m. | 4 views

Astra Linux - vulnerability in mariadb-10.3

A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server up to 2021-03-03; and the wsrep patch up to 2021-03-03 for MySQL. An untrusted search path leads to eval injection, in which a database SUP...

CVSS 9 | AI score 8.2 | EPSS 0.48947
Exploits: 8 | References: 2

AstraLinux
added 2026/05/20 5:53 a.m. | 5 views

Astra Linux - vulnerability in mariadb-10.3

In MariaDB, the get_sort_by_table function before version 10.6.2 allows an application to crash due to certain uses of the ORDER BY clause...

CVSS 5.5 | AI score 6.8 | EPSS 0.00083
Exploits: 1 | References: 1

AstraLinux
added 2026/05/20 5:53 a.m. | 1 views

Astra Linux - vulnerability in mariadb-10.3

An issue in the Create_tmp_table::finalize component of MariaDB Server v10.7 and below was discovered. This issue allows attackers to cause a Denial of Service (DoS) attack through specially crafted SQL statements...

CVSS 7.5 | AI score 7.5 | EPSS 0.00217
Exploits: 1 | References: 2

AstraLinux
added 2026/05/20 5:53 a.m. | 3 views

Astra Linux - vulnerability in mariadb-10.3

MariaDB version 10.5.9 allows an application crash in set_var.cc due to certain uses of the UPDATE statement in conjunction with a nested subquery...

CVSS 5.5 | AI score 6.6 | EPSS 0.00065
Exploits: 1 | References: 2

AstraLinux
added 2026/05/20 5:53 a.m. | 2 views

Astra Linux - vulnerability in mariadb-10.3

It has been discovered that MariaDB Server v10.7 and earlier contain a global buffer overflow in the decimal_bin_size component, which can be exploited through specially crafted SQL statements...

CVSS 7.5 | AI score 7.8 | EPSS 0.00245
Exploits: 1 | References: 2

RedHat Linux
added 2026/05/19 6:34 p.m. | 7 views

MariaDB: MariaDB: Remote Code Execution or Denial of Service via JSON_SCHEMA_VALID() function vulnerability

A flaw was found in MariaDB. An authenticated user can exploit a vulnerability in the JSON_SCHEMA_VALID function, which may lead to a server crash, resulting in a denial of service. Under specific and controlled conditions, this flaw could potentially be leveraged to achieve remote code execution,...

CVSS 9.9 | AI score 6.2 | EPSS 0.00114
Exploits: 1 | References: 6

Cvelist
added 2026/03/20 6:31 p.m. | 22 views

CVE-2026-32710 Heap-based Buffer Overflow in MariaDB

MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in the JSON_SCHEMA_VALID function. Under certain conditions it might be possible to turn the crash into a remote code execution. These...

CVSS 8.5 | EPSS 0.00114
Exploits: 1 | References: 2

Debian CVE
added 2026/03/20 6:31 p.m. | 5 views

CVE-2026-32710

MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in the JSON_SCHEMA_VALID function. Under certain conditions it might be possible to turn the crash into a remote code execution. These...

CVSS 9.9 | AI score 5.8 | EPSS 0.00114
Exploits: 1

SUSE CVE
added 2026/03/05 6:52 a.m. | 3 views

SUSE CVE-2026-3494

In MariaDB server versions through 11.8.5, when the server audit plugin is enabled with the server_audit_events variable configured with QUERY_DCL, QUERY_DDL, or QUERY_DML filtering, if an authenticated database user invokes a SQL statement prefixed with double-hyphen (--) or hash-style comments, the statement is...

CVSS 4.3 | AI score 5.8 | EPSS 0.00017
Exploits: 1 | References: 5

OSV
added 2026/03/05 2:16 a.m. | 2 views

AZL-79368 CVE-2026-3381 affecting package mariadb 10.6.24-1

Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings from the 7ASecurity audit of zlib. This includes fixes for...

CVSS 9.8 | AI score 5.8 | EPSS 0.00041
Exploits: 0 | References: 1