46 matches found
BIT-MYSQL-CLIENT-2026-44171 MariaDB: path traversal in mbstream
MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, mbstream did not check for /../ in the path when unpacking the archive. A proper backup can never contai...
MariaDB 10.11.0 < 10.11.15
The version of MariaDB installed on the remote host is prior to 10.11.15. It is, therefore, affected by a vulnerability as referenced in the 10.11.15 advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are...
MariaDB 11.8.0 < 11.8.4
The version of MariaDB installed on the remote host is prior to 11.8.4. It is, therefore, affected by a vulnerability as referenced in the 11.8.4 advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are...
MariaDB 11.4.0 < 11.4.9
The version of MariaDB installed on the remote host is prior to 11.4.9. It is, therefore, affected by a vulnerability as referenced in the 11.4.9 advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are...
MariaDB 12.1.0 < 12.1.2
The version of MariaDB installed on the remote host is prior to 12.1.2. It is, therefore, affected by a vulnerability as referenced in the 12.1.2 advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are...
Oracle Linux 8 : mariadb-devel:10.3 (ELSA-2026-0698)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0698 advisory. asio 1.10.8-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora28MassRebuild galera 25.3.37-1.0.1 - Bump release for rebuild - x8664 and i386 need to be built...
MiracleLinux 4 : rh-mariadb100-mariadb-10.0.26-2.AXS4 (AXSA:2016-619:02)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-619:02 advisory. MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation...
MiracleLinux 4 : rh-mariadb100-mariadb-10.0.28-5.AXS4 (AXSA:2016-1176:03)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-1176:03 advisory. MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation...
EUVD-2016-0581
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2022-27444
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/itemsubselect.cc. CVE-2022-27444 Note that Nessus relies on...
Linux Distros Unpatched Vulnerability : CVE-2022-27377
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component Itemfuncin::cleanup, which is exploited via specially crafted SQL...
Linux Distros Unpatched Vulnerability : CVE-2022-27448
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is an Assertion failure in MariaDB Server v10.9 and below via 'node-pcur-relpos == BTRPCURON' at /row/row0mysql.cc. CVE-2022-27448 Note that Nessus relies...
Linux Distros Unpatched Vulnerability : CVE-2022-27446
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/itemcmpfunc.h. CVE-2022-27446 Note that Nessus relies on the...
CVE-2025-50103
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: LDAP Auth. Supported versions that are affected are 9.0.0-9.3.0. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
CVE-2025-50080
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Stored Procedure. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...
CVE-2025-50084
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MyS...
CVE-2025-50083
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQ...
BIT-MARIADB-2023-26785
MariaDB v10.5 was discovered to contain a remote code execution RCE vulnerability via UDF Code in a Shared Object File, followed by a "create function" statement. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed...
BIT-MARIADB-MIN-2022-32087
MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Itemargs::walkargs...
BIT-MARIADB-MIN-2022-32083
MariaDB v10.2 to v10.6.1 was discovered to contain a segmentation fault via the component Itemsubselect::initexprcachetracker...