Search CVE reports
1 – 10 of 1614 results
CVE-2024-8013
Medium priorityA bug in query analysis of certain complex self-referential $lookup subpipelines may result in literal values in expressions for encrypted fields to be sent to the server as plaintext instead of ciphertext. Should this occur, no...
1 affected packages
mongodb
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mongodb | Not in release | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-8305
Medium priorityprepareUnique index may cause secondaries to crash due to incorrect enforcement of index constraints on secondaries, where in extreme cases may cause multiple secondaries crashing leading to no primaries. This issue affects...
1 affected packages
mongodb
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mongodb | Not in release | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-27766
Medium priorityAn issue in MariaDB v.11.1 allows a remote attacker to execute arbitrary code via the lib_mysqludf_sys.so function. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed.
10 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mariadb | Needs evaluation | Not in release | Not in release | — | — |
mariadb-10.0 | Not in release | Not in release | Not in release | — | Needs evaluation |
mariadb-10.1 | Not in release | Not in release | Not in release | Needs evaluation | — |
mariadb-10.3 | Not in release | Not in release | Ignored | — | — |
mariadb-10.6 | Not in release | Needs evaluation | Not in release | — | — |
mysql-5.5 | Not in release | Not in release | Not in release | — | — |
mysql-5.7 | Not in release | Not in release | Not in release | Not affected | Ignored |
mysql-8.0 | Not affected | Not affected | Not affected | — | — |
percona-server-5.6 | Not in release | Not in release | Not in release | — | Needs evaluation |
percona-xtradb-cluster-5.6 | Not in release | Not in release | Not in release | — | Needs evaluation |
CVE-2023-39593
Medium priorityInsecure permissions in the sys_exec function of MariaDB v10.5 allows authenticated attackers to execute arbitrary commands with elevated privileges. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary...
10 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mariadb | Needs evaluation | Not in release | Not in release | — | — |
mariadb-10.0 | Not in release | Not in release | Not in release | — | Needs evaluation |
mariadb-10.1 | Not in release | Not in release | Not in release | Needs evaluation | — |
mariadb-10.3 | Not in release | Not in release | Ignored | — | — |
mariadb-10.6 | Not in release | Needs evaluation | Not in release | — | — |
mysql-5.5 | Not in release | Not in release | Not in release | — | — |
mysql-5.7 | Not in release | Not in release | Not in release | Not affected | Ignored |
mysql-8.0 | Not affected | Not affected | Not affected | — | — |
percona-server-5.6 | Not in release | Not in release | Not in release | — | Needs evaluation |
percona-xtradb-cluster-5.6 | Not in release | Not in release | Not in release | — | Needs evaluation |
CVE-2023-26785
Medium priorityMariaDB v10.5 was discovered to contain a remote code execution (RCE) vulnerability via UDF Code in a Shared Object File, followed by a "create function" statement. NOTE: this is disputed by the MariaDB Foundation because no...
1 affected packages
mariadb
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mariadb | Needs evaluation | Not in release | Not in release | — | — |
CVE-2024-21247
Medium priorityVulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows...
10 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mariadb | Not affected | Not in release | Not in release | — | — |
mariadb-10.0 | Not in release | Not in release | Not in release | — | Not affected |
mariadb-10.1 | Not in release | Not in release | Not in release | Not affected | — |
mariadb-10.3 | Not in release | Not in release | Ignored | — | — |
mariadb-10.6 | Not in release | Not affected | Not in release | — | — |
mysql-5.5 | Not in release | Not in release | Not in release | — | — |
mysql-5.7 | Not in release | Not in release | Not in release | Not affected | Ignored |
mysql-8.0 | Not affected | Not affected | Not affected | — | — |
percona-server-5.6 | Not in release | Not in release | Not in release | — | Not affected |
percona-xtradb-cluster-5.6 | Not in release | Not in release | Not in release | — | Not affected |
CVE-2024-21244
Medium priorityVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Telemetry). Supported versions that are affected are 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged...
10 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mariadb | Not affected | Not in release | Not in release | — | — |
mariadb-10.0 | Not in release | Not in release | Not in release | — | Not affected |
mariadb-10.1 | Not in release | Not in release | Not in release | Not affected | — |
mariadb-10.3 | Not in release | Not in release | Ignored | — | — |
mariadb-10.6 | Not in release | Not affected | Not in release | — | — |
mysql-5.5 | Not in release | Not in release | Not in release | — | — |
mysql-5.7 | Not in release | Not in release | Not in release | Not affected | Ignored |
mysql-8.0 | Not affected | Not affected | Not affected | — | — |
percona-server-5.6 | Not in release | Not in release | Not in release | — | Not affected |
percona-xtradb-cluster-5.6 | Not in release | Not in release | Not in release | — | Not affected |
CVE-2024-21243
Medium priorityVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Telemetry). Supported versions that are affected are 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged...
10 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mariadb | Not affected | Not in release | Not in release | — | — |
mariadb-10.0 | Not in release | Not in release | Not in release | — | Not affected |
mariadb-10.1 | Not in release | Not in release | Not in release | Not affected | — |
mariadb-10.3 | Not in release | Not in release | Ignored | — | — |
mariadb-10.6 | Not in release | Not affected | Not in release | — | — |
mysql-5.5 | Not in release | Not in release | Not in release | — | — |
mysql-5.7 | Not in release | Not in release | Not in release | Not affected | Ignored |
mysql-8.0 | Not affected | Not affected | Not affected | — | — |
percona-server-5.6 | Not in release | Not in release | Not in release | — | Not affected |
percona-xtradb-cluster-5.6 | Not in release | Not in release | Not in release | — | Not affected |
CVE-2024-21241
Medium prioritySome fixes available 4 of 14
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows...
10 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mariadb | Needs evaluation | Not in release | Not in release | — | — |
mariadb-10.0 | Not in release | Not in release | Not in release | — | Needs evaluation |
mariadb-10.1 | Not in release | Not in release | Not in release | Needs evaluation | — |
mariadb-10.3 | Not in release | Not in release | Ignored | — | — |
mariadb-10.6 | Not in release | Needs evaluation | Not in release | — | — |
mysql-5.5 | Not in release | Not in release | Not in release | — | — |
mysql-5.7 | Not in release | Not in release | Not in release | Needs evaluation | Ignored |
mysql-8.0 | Fixed | Fixed | Fixed | — | — |
percona-server-5.6 | Not in release | Not in release | Not in release | — | Needs evaluation |
percona-xtradb-cluster-5.6 | Not in release | Not in release | Not in release | — | Needs evaluation |
CVE-2024-21239
Medium prioritySome fixes available 4 of 14
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high...
10 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mariadb | Needs evaluation | Not in release | Not in release | — | — |
mariadb-10.0 | Not in release | Not in release | Not in release | — | Needs evaluation |
mariadb-10.1 | Not in release | Not in release | Not in release | Needs evaluation | — |
mariadb-10.3 | Not in release | Not in release | Ignored | — | — |
mariadb-10.6 | Not in release | Needs evaluation | Not in release | — | — |
mysql-5.5 | Not in release | Not in release | Not in release | — | — |
mysql-5.7 | Not in release | Not in release | Not in release | Needs evaluation | Ignored |
mysql-8.0 | Fixed | Fixed | Fixed | — | — |
percona-server-5.6 | Not in release | Not in release | Not in release | — | Needs evaluation |
percona-xtradb-cluster-5.6 | Not in release | Not in release | Not in release | — | Needs evaluation |