Vulnerabilities > Mariadb > Mariadb > 10.5.2

DATE CVE VULNERABILITY TITLE RISK
2020-12-24 CVE-2020-28912 Unspecified vulnerability in Mariadb
With MariaDB running on Windows, when local clients connect to the server over named pipes, it's possible for an unprivileged user with an ability to run code on the server machine to intercept the named pipe connection and act as a man-in-the-middle, gaining access to all the data passed between the client and the server, and getting the ability to run SQL commands on behalf of the connected user.
local
mariadb
4.4
4.4
2020-10-21 CVE-2020-14812 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking).
network
low complexity
oracle netapp debian fedoraproject mariadb
4.9
4.9
2020-10-21 CVE-2020-14789 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS).
network
low complexity
oracle netapp fedoraproject mariadb
4.9
4.9
2020-10-21 CVE-2020-14776 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).
network
low complexity
oracle netapp fedoraproject mariadb
4.9
4.9
2020-10-21 CVE-2020-14765 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS).
network
low complexity
oracle netapp debian fedoraproject mariadb
6.5
6.5