Mariadb Security Vulnerabilities and Issues — Mariadb CVE List

Lucene search

MariadbMariadb

27 matches found

CVE•added 2012/08/17 12:55 a.m.•742 views

CVE-2012-2750

Unspecified vulnerability in MySQL 5.5.x before 5.5.23 has unknown impact and attack vectors related to a "Security Fix", aka Bug #59533. NOTE: this might be a duplicate of CVE-2012-1689, but as of 20120816, Oracle has not commented on this possibility.

10CVSS4.9AI score0.01372EPSS

CVE•added 2012/10/17 12:55 a.m.•355 views

CVE-2012-3163

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.

9CVSS4.2AI score0.01024EPSS

CVE•added 2012/06/26 6:55 p.m.•267 views

CVE-2012-2122

sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x before 5.5.23, when running in certain environments with certain implementations of the memcmp function, allows remote...

5.1CVSS6AI score0.9407EPSS

CVE•added 2012/12/03 12:49 p.m.•198 views

CVE-2012-5612

Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain varia...

6.5CVSS5.7AI score0.51769EPSS

CVE•added 2012/12/03 12:49 p.m.•156 views

CVE-2012-5611

Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to exec...

6.5CVSS5.7AI score0.63937EPSS

CVE•added 2012/10/16 11:55 p.m.•154 views

CVE-2012-3158

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Protocol.

7.5CVSS4.4AI score0.02019EPSS

CVE•added 2012/10/17 12:55 a.m.•128 views

CVE-2012-3166

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

4CVSS4.2AI score0.00635EPSS

CVE•added 2012/12/03 12:49 p.m.•125 views

CVE-2012-5615

Oracle MySQL 5.5.38 and earlier, 5.6.19 and earlier, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates different error messages with different time delays depending on whether a user name exists, which allows remote attackers to enumerate valid usernames.

5CVSS5.9AI score0.19335EPSS

CVE•added 2012/05/03 10:55 p.m.•118 views

CVE-2012-1703

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1690.

6.8CVSS4.3AI score0.00938EPSS

CVE•added 2012/10/17 12:55 a.m.•118 views

CVE-2012-3177

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server.

6.8CVSS4.2AI score0.00982EPSS

CVE•added 2012/07/17 10:55 p.m.•110 views

CVE-2012-0540

Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability, related to GIS Extension.

4CVSS4.5AI score0.00555EPSS

CVE•added 2012/10/16 11:55 p.m.•108 views

CVE-2012-3160

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows local users to affect confidentiality via unknown vectors related to Server Installation.

2.1CVSS4.1AI score0.00148EPSS

CVE•added 2012/10/16 11:55 p.m.•107 views

CVE-2012-3150

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

4CVSS4.2AI score0.00635EPSS

CVE•added 2012/07/17 10:55 p.m.•105 views

CVE-2012-1689

Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

4CVSS4.2AI score0.00555EPSS

CVE•added 2012/05/03 10:55 p.m.•105 views

CVE-2012-1690

4CVSS4.3AI score0.00938EPSS

CVE•added 2012/10/17 12:55 a.m.•105 views

CVE-2012-3167

3.5CVSS4.2AI score0.00536EPSS

CVE•added 2012/05/03 10:55 p.m.•98 views

CVE-2012-1688

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability, related to Server DML.

4CVSS4.4AI score0.00607EPSS

CVE•added 2012/10/17 12:55 a.m.•97 views

CVE-2012-3197

3.5CVSS4.2AI score0.00316EPSS

CVE•added 2012/10/17 12:55 a.m.•95 views

CVE-2012-3173

4CVSS4.2AI score0.00635EPSS

CVE•added 2012/07/17 10:55 p.m.•94 views

CVE-2012-1734

Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

4CVSS4.3AI score0.00887EPSS

CVE•added 2012/10/17 12:55 a.m.•89 views

CVE-2012-3180

4CVSS4.2AI score0.00613EPSS

CVE•added 2012/07/17 10:55 p.m.•83 views

CVE-2012-1756

Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors.

4CVSS5.4AI score0.00572EPSS

CVE•added 2012/05/03 10:55 p.m.•80 views

CVE-2012-1697

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.

4CVSS4.2AI score0.00678EPSS

CVE•added 2012/12/03 12:49 p.m.•80 views

CVE-2012-5614

Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (mysqld crash) via a SELECT command with an UpdateXML command containing XML with a large number of unique, nested elements.

4CVSS5AI score0.03717EPSS

CVE•added 2012/07/17 10:55 p.m.•74 views

CVE-2012-1735

Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

6.8CVSS5.3AI score0.01002EPSS

CVE•added 2012/12/03 12:49 p.m.•74 views

CVE-2012-5613

MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allows remote authenticated users to gain privileges by leveraging the FILE privilege to create files as th...

6CVSS5.3AI score0.89465EPSS

CVE•added 2012/07/17 11:55 p.m.•73 views

CVE-2012-1757

Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

4CVSS5.3AI score0.00572EPSS