Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/04/06 10:57 a.m.5 views

CVE-2026-35558

Improper neutralization of special elements in the authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to execute arbitrary code or redirect authentication flows by using specially crafted connection parameters that are processed by the driver during...

7.8CVSS6.3AI score0.00274EPSS
Exploits0References1
NVD
NVD
added 2026/04/03 9:17 p.m.2 views

CVE-2026-35558

Improper neutralization of special elements in the authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to execute arbitrary code or redirect authentication flows by using specially crafted connection parameters that are processed by the driver during...

7.8CVSS0.00274EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/04/03 8:15 p.m.18 views

CVE-2026-35558 Improper neutralization of special elements in authentication components in Amazon Athena ODBC driver

Improper neutralization of special elements in the authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to execute arbitrary code or redirect authentication flows by using specially crafted connection parameters that are processed by the driver during...

7.8CVSS0.00274EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/04/03 8:13 p.m.7 views

CVE-2026-5485

OS command injection in the browser-based authentication component in Amazon Athena ODBC driver before 2.0.5.1 on Linux might allow a threat actor to execute arbitrary code by using specially crafted connection parameters that are loaded by the driver during a local user-initiated connection. To...

7.8CVSS6.3AI score0.00727EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/04/03 8:13 p.m.3 views

CVE-2026-5485 OS command injection in Amazon Athena ODBC driver on Linux

OS command injection in the browser-based authentication component in Amazon Athena ODBC driver before 2.0.5.1 on Linux might allow a threat actor to execute arbitrary code by using specially crafted connection parameters that are loaded by the driver during a local user-initiated connection. To...

7.8CVSS6.3AI score0.00727EPSS
Exploits0References6
CVE
CVE
added 2026/04/03 8:10 p.m.9 views

CVE-2026-35560

Affected software: Amazon Athena ODBC Driver prior to 2.1.0.0. Issue: Improper certificate validation in the identity provider connection components can enable a man‑in‑the‑middle attack to intercept authentication credentials when connecting to external identity providers. Impact: Credential int...

9.1CVSS5.9AI score0.00261EPSS
Exploits0References6Affected Software1
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.15 views

Amazon Athena ODBC driver 安全漏洞

The Amazon Athena ODBC driver is a database connection driver developed by the American company Amazon. Versions of the Amazon Athena ODBC driver prior to 2.1.0.0 contained security vulnerabilities. These vulnerabilities stemmed from insufficient security controls in the browser-based...

9.8CVSS5.8AI score0.00473EPSS
Exploits0References6
NVD
NVD
added 2022/05/09 6:15 p.m.24 views

CVE-2022-29971

An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Athena ODBC Driver 1.1.1 through 1.1.x before 1.1.17 may allow a local user to execute arbitrary code...

7.8CVSS0.00346EPSS
Exploits0References2
Rows per page
Query Builder