Vulnerabilities > Mariadb > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-05-27 CVE-2020-15180 Command Injection vulnerability in multiple products
A flaw was found in the mysql-wsrep component of mariadb.
network
high complexity
mariadb debian percona galeracluster CWE-77
critical
 9.0
9.0
2021-03-19 CVE-2021-27928 Code Injection vulnerability in multiple products
A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through 2021-03-03 for MySQL.
network
low complexity
mariadb percona galeracluster debian CWE-94
critical
 9.0
9.0
2017-05-23 CVE-2016-9843 The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
network
low complexity
zlib opensuse debian canonical oracle redhat apple netapp mariadb nodejs
critical
 9.8
9.8
2016-09-20 CVE-2016-6662 Permissions, Privileges, and Access Controls vulnerability in multiple products
Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration.
network
low complexity
oracle percona mariadb debian redhat CWE-264
critical
 10.0
10
2012-10-17 CVE-2012-3163 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.
network
low complexity
oracle mariadb canonical debian redhat f5
critical
 9.0
9.0
2012-08-17 CVE-2012-2750 Unspecified vulnerability in MySQL 5.5.x before 5.5.23 has unknown impact and attack vectors related to a "Security Fix", aka Bug #59533.
network
low complexity
oracle mariadb debian
critical
 10.0
10