Lucene search
K

151 matches found

Cvelist
Cvelist
added 2026/04/03 8:10 p.m.20 views

CVE-2026-35562 Allocation of resources without limits in parsing components in Amazon Athena ODBC driver

Allocation of resources without limits in the parsing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to cause a denial of service by delivering crafted input that triggers excessive resource consumption during the driver's parsing operations. To remediate this...

8.7CVSS0.00379EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/04/03 8:10 p.m.2 views

CVE-2026-35562 Allocation of resources without limits in parsing components in Amazon Athena ODBC driver

Allocation of resources without limits in the parsing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to cause a denial of service by delivering crafted input that triggers excessive resource consumption during the driver's parsing operations. To remediate this...

8.7CVSS5.9AI score0.00379EPSS
Exploits0References6
CVE
CVE
added 2026/04/03 8:10 p.m.11 views

CVE-2026-35562

CVE-2026-35562 affects the Amazon Athena ODBC driver prior to version 2.1.0.0, where allocations of resources in the parsing components may be unbounded, enabling a threat actor to induce a denial of service via crafted input during parsing. Affected platforms include Windows, Linux, and macOS bu...

8.7CVSS5.9AI score0.00379EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/03 8:10 p.m.2 views

CVE-2026-35561 Insufficient authentication security controls in browser-based authentication components in Amazon Athena ODBC driver

Insufficient authentication security controls in the browser-based authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to intercept or hijack authentication sessions due to insufficient protections in the browser-based authentication flows. To remediat...

9.1CVSS5.9AI score0.00473EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/04/03 8:10 p.m.2 views

CVE-2026-35561

Insufficient authentication security controls in the browser-based authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to intercept or hijack authentication sessions due to insufficient protections in the browser-based authentication flows. To remediat...

9.1CVSS5.9AI score0.00473EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/04/03 8:10 p.m.20 views

CVE-2026-35561 Insufficient authentication security controls in browser-based authentication components in Amazon Athena ODBC driver

Insufficient authentication security controls in the browser-based authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to intercept or hijack authentication sessions due to insufficient protections in the browser-based authentication flows. To remediat...

9.1CVSS0.00473EPSS
Exploits0References6
CVE
CVE
added 2026/04/03 8:10 p.m.12 views

CVE-2026-35561

CVE-2026-35561 affects the Amazon Athena ODBC driver (before 2.1.0.0) due to insufficient authentication controls in browser-based authentication components. This could allow a threat actor to intercept or hijack authentication sessions. Impact is stated as high/critical depending on metric, with...

9.8CVSS5.9AI score0.00473EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/03 8:10 p.m.3 views

CVE-2026-35560 Improper certificate validation in identity provider connection components in Amazon Athena ODBC driver

Improper certificate validation in the identity provider connection components in Amazon Athena ODBC driver before 2.1.0.0 might allow a man-in-the-middle threat actor to intercept authentication credentials due to insufficient default transport security when connecting to identity providers. Thi...

9.1CVSS5.9AI score0.00261EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/04/03 8:10 p.m.21 views

CVE-2026-35560 Improper certificate validation in identity provider connection components in Amazon Athena ODBC driver

Improper certificate validation in the identity provider connection components in Amazon Athena ODBC driver before 2.1.0.0 might allow a man-in-the-middle threat actor to intercept authentication credentials due to insufficient default transport security when connecting to identity providers. Thi...

9.1CVSS0.00261EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/04/03 8:10 p.m.3 views

CVE-2026-35560

Improper certificate validation in the identity provider connection components in Amazon Athena ODBC driver before 2.1.0.0 might allow a man-in-the-middle threat actor to intercept authentication credentials due to insufficient default transport security when connecting to identity providers. Thi...

9.1CVSS5.9AI score0.00261EPSS
Exploits0References7
CVE
CVE
added 2026/04/03 8:10 p.m.10 views

CVE-2026-35560

Affected software: Amazon Athena ODBC Driver prior to 2.1.0.0. Issue: Improper certificate validation in the identity provider connection components can enable a man‑in‑the‑middle attack to intercept authentication credentials when connecting to external identity providers. Impact: Credential int...

9.1CVSS5.9AI score0.00261EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.3 views

PT-2026-30219

Improper certificate validation in the identity provider connection components in Amazon Athena ODBC driver before 2.1.0.0 might allow a man-in-the-middle threat actor to intercept authentication credentials due to insufficient default transport security when connecting to identity providers. Thi...

9.1CVSS5.9AI score0.00261EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.8 views

Amazon Athena ODBC driver 安全漏洞

The Amazon Athena ODBC driver is a database connection driver developed by the American company Amazon. Versions of the Amazon Athena ODBC driver prior to 2.1.0.0 contained a security vulnerability. This vulnerability stemmed from the unlimited resource allocation in the parsing component, which...

8.7CVSS5.8AI score0.00379EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.15 views

Amazon Athena ODBC driver 安全漏洞

The Amazon Athena ODBC driver is a database connection driver developed by the American company Amazon. Versions of the Amazon Athena ODBC driver prior to 2.1.0.0 contained security vulnerabilities. These vulnerabilities stemmed from insufficient security controls in the browser-based...

9.8CVSS5.8AI score0.00473EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.9 views

Amazon Athena ODBC driver 安全漏洞

The Amazon Athena ODBC driver is a database connection driver developed by the American company Amazon. Versions of the Amazon Athena ODBC driver prior to 2.1.0.0 contained a security vulnerability. This vulnerability stemmed from improper certificate verification in the identity provider...

9.1CVSS5.8AI score0.00261EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.3 views

PT-2026-30217

Improper neutralization of special elements in the authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to execute arbitrary code or redirect authentication flows by using specially crafted connection parameters that are processed by the driver during...

7.8CVSS6.3AI score0.00274EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.4 views

PT-2026-30218

Out-of-bounds write in the query processing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to crash the driver by using specially crafted data that is processed by the driver during query operations. To remediate this issue, users should upgrade to version 2.1.0...

7.1CVSS5.9AI score0.00271EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.4 views

PT-2026-30220

Insufficient authentication security controls in the browser-based authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to intercept or hijack authentication sessions due to insufficient protections in the browser-based authentication flows. To remediat...

9.1CVSS5.9AI score0.00473EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.9 views

Amazon Athena ODBC driver 安全漏洞

The Amazon Athena ODBC driver is a database connection driver developed by the American company Amazon. Versions of the Amazon Athena ODBC driver prior to 2.0.5.1 contained security vulnerabilities. These vulnerabilities stemmed from the browser-based authentication component’s ability to execute...

7.8CVSS6.1AI score0.00727EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.8 views

Amazon Athena ODBC driver 安全漏洞

The Amazon Athena ODBC driver is a database connection driver developed by the American company Amazon. Versions of the Amazon Athena ODBC driver prior to 2.1.0.0 contained security vulnerabilities. These vulnerabilities stemmed from improper handling of special elements in the authentication...

7.8CVSS6.2AI score0.00274EPSS
Exploits0References6
Rows per page
Query Builder