High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-04-12	CVE-2022-27384	SQL Injection vulnerability in multiple products An issue in the component Item_subselect::init_expr_cache_tracker of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. network low complexity mariadb debian CWE-89	7.5
2022-04-12	CVE-2022-27385	SQL Injection vulnerability in Mariadb An issue in the component Used_tables_and_const_cache::used_tables_and_const_cache_join of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. network low complexity mariadb CWE-89	7.5
2022-04-12	CVE-2022-27386	SQL Injection vulnerability in multiple products MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component sql/sql_class.cc. network low complexity mariadb debian CWE-89	7.5
2022-04-12	CVE-2022-27387	Classic Buffer Overflow vulnerability in multiple products MariaDB Server v10.7 and below was discovered to contain a global buffer overflow in the component decimal_bin_size, which is exploited via specially crafted SQL statements. network low complexity mariadb debian CWE-120	7.5
2022-03-25	CVE-2018-25032	Out-of-bounds Write vulnerability in multiple products zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. network low complexity zlib debian fedoraproject apple python mariadb netapp siemens azul goto CWE-787	7.5
2022-03-15	CVE-2022-0778	Infinite Loop vulnerability in multiple products The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. network low complexity openssl debian netapp fedoraproject tenable mariadb nodejs CWE-835	7.5
2022-02-18	CVE-2022-24048	Stack-based Buffer Overflow vulnerability in multiple products MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability. local low complexity mariadb fedoraproject CWE-121	7.8
2022-02-18	CVE-2022-24050	Use After Free vulnerability in multiple products MariaDB CONNECT Storage Engine Use-After-Free Privilege Escalation Vulnerability. local low complexity mariadb fedoraproject CWE-416	7.8
2022-02-18	CVE-2022-24051	Use of Externally-Controlled Format String vulnerability in multiple products MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. local low complexity mariadb fedoraproject CWE-134	7.8
2022-02-18	CVE-2022-24052	Heap-based Buffer Overflow vulnerability in multiple products MariaDB CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability. local low complexity mariadb fedoraproject CWE-122	7.8