Mariadb CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (415 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2014-0384	3 Mariadb, Oracle, Redhat	10 Mariadb, Mysql, Enterprise Linux and 7 more	2025-04-12	N/A
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML.
CVE-2016-0640	6 Debian, Ibm, Mariadb and 3 more	8 Debian Linux, Powerkvm, Mariadb and 5 more	2025-04-12	N/A
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect integrity and availability via vectors related to DML.
CVE-2015-0391	4 Mariadb, Oracle, Redhat and 1 more	14 Mariadb, Mysql, Enterprise Linux and 11 more	2025-04-12	N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.
CVE-2015-4815	7 Canonical, Debian, Fedoraproject and 4 more	17 Ubuntu Linux, Debian Linux, Fedora and 14 more	2025-04-12	N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.
CVE-2015-0501	7 Canonical, Debian, Juniper and 4 more	16 Ubuntu Linux, Debian Linux, Junos Space and 13 more	2025-04-12	N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.
CVE-2015-2620	6 Canonical, Debian, Juniper and 3 more	8 Ubuntu Linux, Debian Linux, Junos Space and 5 more	2025-04-12	N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.
CVE-2015-2643	6 Canonical, Debian, Mariadb and 3 more	14 Ubuntu Linux, Debian Linux, Mariadb and 11 more	2025-04-12	N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.
CVE-2015-2648	6 Canonical, Debian, Mariadb and 3 more	14 Ubuntu Linux, Debian Linux, Mariadb and 11 more	2025-04-12	N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.
CVE-2015-3152	6 Debian, Fedoraproject, Mariadb and 3 more	14 Debian Linux, Fedora, Mariadb and 11 more	2025-04-12	5.9 Medium
Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack.
CVE-2015-4752	6 Canonical, Debian, Mariadb and 3 more	14 Ubuntu Linux, Debian Linux, Mariadb and 11 more	2025-04-12	N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.
CVE-2015-4816	6 Canonical, Debian, Fedoraproject and 3 more	15 Ubuntu Linux, Debian Linux, Fedora and 12 more	2025-04-12	N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.
CVE-2015-0441	6 Canonical, Debian, Mariadb and 3 more	16 Ubuntu Linux, Debian Linux, Mariadb and 13 more	2025-04-12	N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.
CVE-2014-6500	3 Juniper, Mariadb, Oracle	4 Junos Space, Mariadb, Mysql and 1 more	2025-04-12	N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to SERVER:SSL:yaSSL, a different vulnerability than CVE-2014-6491.
CVE-2014-6505	4 Mariadb, Oracle, Redhat and 1 more	9 Mariadb, Mysql, Enterprise Linux and 6 more	2025-04-12	N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to SERVER:MEMORY STORAGE ENGINE.
CVE-2014-6489	2 Mariadb, Oracle	2 Mariadb, Mysql	2025-04-12	N/A
Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect integrity and availability via vectors related to SERVER:SP.
CVE-2016-8283	3 Mariadb, Oracle, Redhat	4 Mariadb, Mysql, Enterprise Linux and 1 more	2025-04-12	N/A
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.
CVE-2015-4895	6 Canonical, Debian, Fedoraproject and 3 more	6 Ubuntu Linux, Debian Linux, Fedora and 3 more	2025-04-12	N/A
Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.
CVE-2016-0668	7 Canonical, Debian, Mariadb and 4 more	11 Ubuntu Linux, Debian Linux, Mariadb and 8 more	2025-04-12	4.1 Medium
Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to InnoDB.
CVE-2016-7440	4 Debian, Mariadb, Oracle and 1 more	4 Debian Linux, Mariadb, Mysql and 1 more	2025-04-12	5.5 Medium
The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.
CVE-2015-4861	7 Canonical, Debian, Fedoraproject and 4 more	17 Ubuntu Linux, Debian Linux, Fedora and 14 more	2025-04-12	N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.

« first previous Page 6 of 21. next last »