Vulnerabilities > Mariadb > Mariadb > 10.2.32
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-01 | CVE-2021-46667 | Integer Overflow or Wraparound vulnerability in multiple products MariaDB before 10.6.5 has a sql_lex.cc integer overflow, leading to an application crash. | 5.5 |
| 2022-02-01 | CVE-2021-46668 | Resource Exhaustion vulnerability in multiple products MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements that improperly interact with storage-engine resource limitations for temporary data structures. | 5.5 |
| 2022-02-01 | CVE-2021-46669 | Use After Free vulnerability in multiple products MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used. | 7.5 |
| 2022-01-29 | CVE-2021-46657 | Unspecified vulnerability in Mariadb get_sort_by_table in MariaDB before 10.6.2 allows an application crash via certain subquery uses of ORDER BY. | 2.1 |
| 2022-01-29 | CVE-2021-46658 | Unspecified vulnerability in Mariadb save_window_function_values in MariaDB before 10.6.3 allows an application crash because of incorrect handling of with_window_func=true for a subquery. | 2.1 |
| 2022-01-29 | CVE-2021-46659 | MariaDB before 10.7.2 allows an application crash because it does not recognize that SELECT_LEX::nest_level is local to each VIEW. | 5.5 |
| 2021-10-20 | CVE-2021-35604 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). | 5.5 |
| 2021-07-21 | CVE-2021-2372 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). | 4.4 |
| 2021-07-21 | CVE-2021-2389 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). | 5.9 |
| 2021-05-27 | CVE-2020-15180 | Command Injection vulnerability in multiple products A flaw was found in the mysql-wsrep component of mariadb. | 9.0 |