Lucene search
K

8 matches found

RedHat Linux
RedHat Linux
added 2026/06/30 11:22 a.m.5 views

mariadb: Arbitrary code execution via global system variable manipulation by a high-privileged user

A flaw was found in MariaDB server. A high-privileged MariaDB user could exploit this vulnerability by manipulating specific global system variables, namely wsrepsstreceiveaddress or wsrepsstdonor. This manipulation could allow the user to execute arbitrary shell commands as the user ID of the...

9.1CVSS6.2AI score0.00967EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/30 7:8 a.m.4 views

mariadb: Arbitrary code execution via global system variable manipulation by a high-privileged user

A flaw was found in MariaDB server. A high-privileged MariaDB user could exploit this vulnerability by manipulating specific global system variables, namely wsrepsstreceiveaddress or wsrepsstdonor. This manipulation could allow the user to execute arbitrary shell commands as the user ID of the...

9.1CVSS6.2AI score0.00967EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/23 7:44 a.m.7 views

CVE-2026-48165

A flaw was found in MariaDB server. A high-privileged MariaDB user could exploit this vulnerability by manipulating specific global system variables, namely wsrepsstreceiveaddress or wsrepsstdonor. This manipulation could allow the user to execute arbitrary shell commands as the user ID of the...

9.1CVSS6.1AI score0.00967EPSS
Exploits0References5
OSV
OSV
added 2026/06/16 11:47 a.m.8 views

BIT-MARIADB-MIN-2026-44168 MariaDB: wsrep SST unsafe parameter handling on the donor side

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, during the SST the donor node is interpolating parameters that the joiner sent into the command line. No...

8CVSS5.8AI score0.00567EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.15 views

openSUSE 16 Security Update : mariadb (openSUSE-SU-2026:20933-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20933-1 advisory. This update for mariadb fixes the following issues Update to 11.8.8: - CVE-2026-3494: audit plugin comment handling bypass bsc1259176. -...

10CVSS6.8AI score0.00998EPSS
Exploits1References36
CVE
CVE
added 2026/06/12 5:35 p.m.62 views

CVE-2026-48165

CVE-2026-48165 affects MariaDB server in Galera replication scenarios. A high-privileged MariaDB user could have used the wsrep_sst_receive_address or wsrep_sst_donor global system variables to run shell commands as the mariadbd process user on the Galera joiner node. Affected versions are 10.6.1...

9.1CVSS5.5AI score0.00967EPSS
Exploits0References12Affected Software1
OSV
OSV
added 2026/06/10 7:39 a.m.6 views

SUSE-SU-2026:2330-1 Security update for mariadb

This update for mariadb fixes the following issues: - CVE-2026-3494: audit plugin comment handling bypass bsc1259176. - CVE-2026-34303: mysql: optimizer unspecified vulnerability bsc1266435. - CVE-2026-35549: SHA2 auth plugin crash on large packets bsc1261413. - CVE-2026-44168: wsrep SST unsafe...

10CVSS7.2AI score0.00998EPSS
Exploits1References25
SUSE Linux
SUSE Linux
added 2026/06/05 12:16 p.m.11 views

Security update for mariadb

This update for mariadb fixes the following issues: CVE-2026-3494: audit plugin comment handling bypass bsc1259176. CVE-2026-34303: mysql: optimizer unspecified vulnerability bsc1266435. CVE-2026-44168: wsrep SST unsafe parameter handling on the donor side bsc1266442. CVE-2026-44170: argument...

9.4CVSS7.1AI score0.00998EPSS
Exploits1References40
Rows per page
Query Builder