Vulnerabilities > Mariadb

DATE CVE VULNERABILITY TITLE RISK
2022-02-01 CVE-2021-46664 NULL Pointer Dereference vulnerability in multiple products
MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL value of aggr.
local
low complexity
mariadb fedoraproject CWE-476
5.5
2022-02-01 CVE-2021-46665 MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations.
local
low complexity
mariadb fedoraproject
5.5
2022-02-01 CVE-2021-46666 Reachable Assertion vulnerability in Mariadb
MariaDB before 10.6.2 allows an application crash because of mishandling of a pushdown from a HAVING clause to a WHERE clause.
local
low complexity
mariadb CWE-617
5.5
2022-02-01 CVE-2021-46667 Integer Overflow or Wraparound vulnerability in multiple products
MariaDB before 10.6.5 has a sql_lex.cc integer overflow, leading to an application crash.
local
low complexity
mariadb fedoraproject CWE-190
5.5
2022-02-01 CVE-2021-46668 Resource Exhaustion vulnerability in multiple products
MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements that improperly interact with storage-engine resource limitations for temporary data structures.
local
low complexity
mariadb fedoraproject CWE-400
5.5
2022-02-01 CVE-2021-46669 Use After Free vulnerability in multiple products
MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used.
network
low complexity
mariadb fedoraproject debian CWE-416
7.5
2022-01-29 CVE-2021-46657 Unspecified vulnerability in Mariadb
get_sort_by_table in MariaDB before 10.6.2 allows an application crash via certain subquery uses of ORDER BY.
local
low complexity
mariadb
5.5
2022-01-29 CVE-2021-46658 Unspecified vulnerability in Mariadb
save_window_function_values in MariaDB before 10.6.3 allows an application crash because of incorrect handling of with_window_func=true for a subquery.
local
low complexity
mariadb
5.5
2022-01-29 CVE-2021-46659 MariaDB before 10.7.2 allows an application crash because it does not recognize that SELECT_LEX::nest_level is local to each VIEW.
local
low complexity
mariadb fedoraproject
5.5
2021-10-20 CVE-2021-35604 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).
network
low complexity
oracle netapp fedoraproject mariadb
5.5