Search CVE reports
1 – 10 of 245 results
CVE-2024-27766
Medium priorityAn issue in MariaDB v.11.1 allows a remote attacker to execute arbitrary code via the lib_mysqludf_sys.so function. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed.
10 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mariadb | Needs evaluation | Not in release | Not in release | — | — |
mariadb-10.0 | Not in release | Not in release | Not in release | — | Needs evaluation |
mariadb-10.1 | Not in release | Not in release | Not in release | Needs evaluation | — |
mariadb-10.3 | Not in release | Not in release | Ignored | — | — |
mariadb-10.6 | Not in release | Needs evaluation | Not in release | — | — |
mysql-5.5 | Not in release | Not in release | Not in release | — | — |
mysql-5.7 | Not in release | Not in release | Not in release | Not affected | Ignored |
mysql-8.0 | Not affected | Not affected | Not affected | — | — |
percona-server-5.6 | Not in release | Not in release | Not in release | — | Needs evaluation |
percona-xtradb-cluster-5.6 | Not in release | Not in release | Not in release | — | Needs evaluation |
CVE-2023-39593
Medium priorityInsecure permissions in the sys_exec function of MariaDB v10.5 allows authenticated attackers to execute arbitrary commands with elevated privileges. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary...
10 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mariadb | Needs evaluation | Not in release | Not in release | — | — |
mariadb-10.0 | Not in release | Not in release | Not in release | — | Needs evaluation |
mariadb-10.1 | Not in release | Not in release | Not in release | Needs evaluation | — |
mariadb-10.3 | Not in release | Not in release | Ignored | — | — |
mariadb-10.6 | Not in release | Needs evaluation | Not in release | — | — |
mysql-5.5 | Not in release | Not in release | Not in release | — | — |
mysql-5.7 | Not in release | Not in release | Not in release | Not affected | Ignored |
mysql-8.0 | Not affected | Not affected | Not affected | — | — |
percona-server-5.6 | Not in release | Not in release | Not in release | — | Needs evaluation |
percona-xtradb-cluster-5.6 | Not in release | Not in release | Not in release | — | Needs evaluation |
CVE-2024-21247
Medium priorityVulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows...
10 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mariadb | Not affected | Not in release | Not in release | — | — |
mariadb-10.0 | Not in release | Not in release | Not in release | — | Not affected |
mariadb-10.1 | Not in release | Not in release | Not in release | Not affected | — |
mariadb-10.3 | Not in release | Not in release | Ignored | — | — |
mariadb-10.6 | Not in release | Not affected | Not in release | — | — |
mysql-5.5 | Not in release | Not in release | Not in release | — | — |
mysql-5.7 | Not in release | Not in release | Not in release | Not affected | Ignored |
mysql-8.0 | Not affected | Not affected | Not affected | — | — |
percona-server-5.6 | Not in release | Not in release | Not in release | — | Not affected |
percona-xtradb-cluster-5.6 | Not in release | Not in release | Not in release | — | Not affected |
CVE-2024-21244
Medium priorityVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Telemetry). Supported versions that are affected are 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged...
10 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mariadb | Not affected | Not in release | Not in release | — | — |
mariadb-10.0 | Not in release | Not in release | Not in release | — | Not affected |
mariadb-10.1 | Not in release | Not in release | Not in release | Not affected | — |
mariadb-10.3 | Not in release | Not in release | Ignored | — | — |
mariadb-10.6 | Not in release | Not affected | Not in release | — | — |
mysql-5.5 | Not in release | Not in release | Not in release | — | — |
mysql-5.7 | Not in release | Not in release | Not in release | Not affected | Ignored |
mysql-8.0 | Not affected | Not affected | Not affected | — | — |
percona-server-5.6 | Not in release | Not in release | Not in release | — | Not affected |
percona-xtradb-cluster-5.6 | Not in release | Not in release | Not in release | — | Not affected |
CVE-2024-21243
Medium priorityVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Telemetry). Supported versions that are affected are 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged...
10 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mariadb | Not affected | Not in release | Not in release | — | — |
mariadb-10.0 | Not in release | Not in release | Not in release | — | Not affected |
mariadb-10.1 | Not in release | Not in release | Not in release | Not affected | — |
mariadb-10.3 | Not in release | Not in release | Ignored | — | — |
mariadb-10.6 | Not in release | Not affected | Not in release | — | — |
mysql-5.5 | Not in release | Not in release | Not in release | — | — |
mysql-5.7 | Not in release | Not in release | Not in release | Not affected | Ignored |
mysql-8.0 | Not affected | Not affected | Not affected | — | — |
percona-server-5.6 | Not in release | Not in release | Not in release | — | Not affected |
percona-xtradb-cluster-5.6 | Not in release | Not in release | Not in release | — | Not affected |
CVE-2024-21241
Medium prioritySome fixes available 4 of 14
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows...
10 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mariadb | Needs evaluation | Not in release | Not in release | — | — |
mariadb-10.0 | Not in release | Not in release | Not in release | — | Needs evaluation |
mariadb-10.1 | Not in release | Not in release | Not in release | Needs evaluation | — |
mariadb-10.3 | Not in release | Not in release | Ignored | — | — |
mariadb-10.6 | Not in release | Needs evaluation | Not in release | — | — |
mysql-5.5 | Not in release | Not in release | Not in release | — | — |
mysql-5.7 | Not in release | Not in release | Not in release | Needs evaluation | Ignored |
mysql-8.0 | Fixed | Fixed | Fixed | — | — |
percona-server-5.6 | Not in release | Not in release | Not in release | — | Needs evaluation |
percona-xtradb-cluster-5.6 | Not in release | Not in release | Not in release | — | Needs evaluation |
CVE-2024-21239
Medium prioritySome fixes available 4 of 14
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high...
10 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mariadb | Needs evaluation | Not in release | Not in release | — | — |
mariadb-10.0 | Not in release | Not in release | Not in release | — | Needs evaluation |
mariadb-10.1 | Not in release | Not in release | Not in release | Needs evaluation | — |
mariadb-10.3 | Not in release | Not in release | Ignored | — | — |
mariadb-10.6 | Not in release | Needs evaluation | Not in release | — | — |
mysql-5.5 | Not in release | Not in release | Not in release | — | — |
mysql-5.7 | Not in release | Not in release | Not in release | Needs evaluation | Ignored |
mysql-8.0 | Fixed | Fixed | Fixed | — | — |
percona-server-5.6 | Not in release | Not in release | Not in release | — | Needs evaluation |
percona-xtradb-cluster-5.6 | Not in release | Not in release | Not in release | — | Needs evaluation |
CVE-2024-21238
Medium priorityVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.39 and prior, 8.4.1 and prior and 9.0.1 and prior. Difficult to exploit vulnerability...
10 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mariadb | Not affected | Not in release | Not in release | — | — |
mariadb-10.0 | Not in release | Not in release | Not in release | — | Not affected |
mariadb-10.1 | Not in release | Not in release | Not in release | Not affected | — |
mariadb-10.3 | Not in release | Not in release | Ignored | — | — |
mariadb-10.6 | Not in release | Not affected | Not in release | — | — |
mysql-5.5 | Not in release | Not in release | Not in release | — | — |
mysql-5.7 | Not in release | Not in release | Not in release | Not affected | Ignored |
mysql-8.0 | Not affected | Not affected | Not affected | — | — |
percona-server-5.6 | Not in release | Not in release | Not in release | — | Not affected |
percona-xtradb-cluster-5.6 | Not in release | Not in release | Not in release | — | Not affected |
CVE-2024-21237
Medium prioritySome fixes available 4 of 14
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication GCS). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit...
10 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mariadb | Needs evaluation | Not in release | Not in release | — | — |
mariadb-10.0 | Not in release | Not in release | Not in release | — | Needs evaluation |
mariadb-10.1 | Not in release | Not in release | Not in release | Needs evaluation | — |
mariadb-10.3 | Not in release | Not in release | Ignored | — | — |
mariadb-10.6 | Not in release | Needs evaluation | Not in release | — | — |
mysql-5.5 | Not in release | Not in release | Not in release | — | — |
mysql-5.7 | Not in release | Not in release | Not in release | Needs evaluation | Ignored |
mysql-8.0 | Fixed | Fixed | Fixed | — | — |
percona-server-5.6 | Not in release | Not in release | Not in release | — | Needs evaluation |
percona-xtradb-cluster-5.6 | Not in release | Not in release | Not in release | — | Needs evaluation |
CVE-2024-21236
Medium prioritySome fixes available 4 of 14
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high...
10 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mariadb | Needs evaluation | Not in release | Not in release | — | — |
mariadb-10.0 | Not in release | Not in release | Not in release | — | Needs evaluation |
mariadb-10.1 | Not in release | Not in release | Not in release | Needs evaluation | — |
mariadb-10.3 | Not in release | Not in release | Ignored | — | — |
mariadb-10.6 | Not in release | Needs evaluation | Not in release | — | — |
mysql-5.5 | Not in release | Not in release | Not in release | — | — |
mysql-5.7 | Not in release | Not in release | Not in release | Needs evaluation | Ignored |
mysql-8.0 | Fixed | Fixed | Fixed | — | — |
percona-server-5.6 | Not in release | Not in release | Not in release | — | Needs evaluation |
percona-xtradb-cluster-5.6 | Not in release | Not in release | Not in release | — | Needs evaluation |