Vulnerabilities > Mariadb

DATE CVE VULNERABILITY TITLE RISK
2021-04-22 CVE-2021-2166 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML).
network
low complexity
oracle fedoraproject netapp mariadb
4.9
2021-04-22 CVE-2021-2154 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML).
network
low complexity
oracle mariadb netapp fedoraproject
4.9
2021-04-22 CVE-2021-2144 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser).
network
low complexity
oracle netapp mariadb
6.5
2021-03-19 CVE-2021-27928 Code Injection vulnerability in multiple products
A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through 2021-03-03 for MySQL.
network
low complexity
mariadb percona galeracluster debian CWE-94
critical
9.0
2021-01-20 CVE-2021-2032 Vulnerability in the MySQL Server product of Oracle MySQL (component: Information Schema).
network
low complexity
oracle netapp mariadb
4.0
2021-01-20 CVE-2021-2022 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).
network
high complexity
oracle netapp fedoraproject mariadb
4.4
2021-01-20 CVE-2021-2011 Vulnerability in the MySQL Client product of Oracle MySQL (component: C API).
network
high complexity
oracle fedoraproject netapp mariadb
5.9
2021-01-20 CVE-2021-2007 Vulnerability in the MySQL Client product of Oracle MySQL (component: C API).
network
high complexity
oracle fedoraproject netapp mariadb
3.7
2020-12-24 CVE-2020-28912 Unspecified vulnerability in Mariadb
With MariaDB running on Windows, when local clients connect to the server over named pipes, it's possible for an unprivileged user with an ability to run code on the server machine to intercept the named pipe connection and act as a man-in-the-middle, gaining access to all the data passed between the client and the server, and getting the ability to run SQL commands on behalf of the connected user.
local
mariadb
4.4
2020-10-21 CVE-2020-14812 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking).
network
low complexity
oracle netapp debian fedoraproject mariadb
4.9