Lucene search
K

26 matches found

Positive Technologies
Positive Technologies
added 2024/12/18 12:0 a.m.4 views

PT-2024-10193 · Amazon · Amazon Redshift Jdbc Driver

Name of the Vulnerable Software and Affected Versions: Amazon Redshift JDBC Driver version 2.1.0.31 Description: A SQL injection issue in the Amazon Redshift JDBC Driver allows a user to gain escalated privileges via the getSchemas, getTables, or getColumns Metadata APIs. This issue can be...

8.6CVSS8.2AI score0.00579EPSS
Exploits0References22
SUSE CVE
SUSE CVE
added 2024/05/16 2:20 a.m.5 views

SUSE CVE-2024-32888

The Amazon JDBC Driver for Redshift is a Type 4 JDBC driver that provides database connectivity through the standard JDBC application program interfaces APIs available in the Java Platform, Enterprise Editions. Prior to version 2.1.0.28, SQL injection is possible when using the non-default...

10CVSS8.1AI score0.00778EPSS
Exploits0References3
OSV
OSV
added 2022/10/12 6:23 p.m.6 views

GHSA-JC69-HJW2-FM86 com.amazon.redshift:redshift-jdbc42 vulnerable to remote command execution

Impact A potential remote command execution issue exists within redshift-jdbc42 versions 2.1.0.7 and below. When plugins are used with the driver, it instantiates plugin instances based on Java class names provided via the sslhostnameverifier, socketFactory, sslfactory, and sslpasswordcallback...

7.1CVSS6.4AI score0.01469EPSS
Exploits1References5
OSV
OSV
added 2022/09/30 12:0 a.m.3 views

GHSA-5C6Q-F783-H888 Duplicate Advisory: AWS Redshift JDBC Driver fails to validate class type during object instantiation

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-jc69-hjw2-fm86. This link is maintained to preserve external references. Original Description In Amazon AWS Redshift JDBC Driver aka amazon-redshift-jdbc-driver or redshift-jdbc42 before 2.1.0.8, the Object...

8.1CVSS7AI score0.01469EPSS
Exploits1References5
Malwarebytes
Malwarebytes
added 2022/05/11 2:36 p.m.109 views

Update now! Microsoft releases patches, including one for actively exploited zero-day

Microsoft has released patches for 74 security problems, including fixes for seven “critical” vulnerabilities, and an actively exploited zero-day vulnerability that affects all supported versions of Windows. First, well look at the actively exploited zero-day. Then well discuss two zero-days that...

9.3CVSS2AI score0.80933EPSS
Exploits3
ATTACKERKB
ATTACKERKB
added 2022/05/09 6:15 p.m.2 views

CVE-2022-30240

An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Redshift JDBC Driver 1.2.40 through 1.2.55 may allow a local user to execute code. NOTE: this is different from CVE-2022-29972...

7.8CVSS7.4AI score0.03686EPSS
Exploits0References3
Rows per page
Query Builder