Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

266 matches found

OSV
OSVadded 2024/12/24 5:15 p.m.1 views

CVE-2024-12746

A SQL injection in the Amazon Redshift ODBC Driver v2.1.5.0 Windows or Linux allows a user to gain escalated privileges via the SQLTables or SQLColumns Metadata APIs. Users are recommended to upgrade to the driver version 2.1.6.0 or revert to driver version 2.1.4.0...

8.6CVSS8.2AI score
Exploits0References3
NVD
NVDadded 2024/12/24 5:15 p.m.17 views

CVE-2024-12746

A SQL injection in the Amazon Redshift ODBC Driver v2.1.5.0 Windows or Linux allows a user to gain escalated privileges via the SQLTables or SQLColumns Metadata APIs. Users are recommended to upgrade to the driver version 2.1.6.0 or revert to driver version 2.1.4.0...

8.6CVSS0.00658EPSS
Exploits0References3
OSV
OSVadded 2024/12/24 5:15 p.m.2 views

CVE-2024-12744

A SQL injection in the Amazon Redshift JDBC Driver in v2.1.0.31 allows a user to gain escalated privileges via the getSchemas, getTables, or getColumns Metadata APIs. Users should upgrade to the driver version 2.1.0.32 or revert to driver version 2.1.0.30...

8.6CVSS7.9AI score
Exploits0References3
NVD
NVDadded 2024/12/24 5:15 p.m.14 views

CVE-2024-12744

A SQL injection in the Amazon Redshift JDBC Driver in v2.1.0.31 allows a user to gain escalated privileges via the getSchemas, getTables, or getColumns Metadata APIs. Users should upgrade to the driver version 2.1.0.32 or revert to driver version 2.1.0.30...

8.6CVSS0.0076EPSS
Exploits0References3
Snyk
Snykadded 2024/12/24 4:39 p.m.1 views

SQL Injection

Overview redshift-connector is a Redshift interface library Affected versions of this package are vulnerable to SQL Injection via the getschemas, gettables, or getcolumns APIs. An attacker can escalate privileges by injecting a malicious schema and causing a higher privileged user or process to...

8.6CVSS8.1AI score0.00898EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2024/12/24 4:16 p.m.17 views

CVE-2024-12746 SQL Injection in the Amazon Redshift ODBC Driver affecting v2.1.5.0

A SQL injection in the Amazon Redshift ODBC Driver v2.1.5.0 Windows or Linux allows a user to gain escalated privileges via the SQLTables or SQLColumns Metadata APIs. Users are recommended to upgrade to the driver version 2.1.6.0 or revert to driver version 2.1.4.0...

8.6CVSS8AI score0.00658EPSS
Exploits0References3
CVE
CVEadded 2024/12/24 4:16 p.m.611 views

CVE-2024-12746

Summary: CVE-2024-12746 concerns the Amazon Redshift ODBC Driver (v2.1.5.0) for Windows/Linux, where a SQL injection via the SQLTables or SQLColumns Metadata APIs can let a user escalate privileges. The issue is confirmed in multiple sources attached to the CVE, with recommended mitigation: upgra...

8.6CVSS8.4AI score0.00658EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2024/12/24 4:16 p.m.21 views

CVE-2024-12746 SQL Injection in the Amazon Redshift ODBC Driver affecting v2.1.5.0

A SQL injection in the Amazon Redshift ODBC Driver v2.1.5.0 Windows or Linux allows a user to gain escalated privileges via the SQLTables or SQLColumns Metadata APIs. Users are recommended to upgrade to the driver version 2.1.6.0 or revert to driver version 2.1.4.0...

8.6CVSS0.00658EPSS
Exploits0References3
Cvelist
Cvelistadded 2024/12/24 4:15 p.m.18 views

CVE-2024-12745 SQL Injection in the Amazon Redshift Python Connector affecting v2.1.4

A SQL injection in the Amazon Redshift Python Connector v2.1.4 allows a user to gain escalated privileges via the getschemas, gettables, or getcolumns Metadata APIs. Users are recommended to upgrade to the driver version 2.1.5 or revert to driver version 2.1.3...

8.6CVSS0.00898EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2024/12/24 4:15 p.m.11 views

CVE-2024-12745 SQL Injection in the Amazon Redshift Python Connector affecting v2.1.4

A SQL injection in the Amazon Redshift Python Connector v2.1.4 allows a user to gain escalated privileges via the getschemas, gettables, or getcolumns Metadata APIs. Users are recommended to upgrade to the driver version 2.1.5 or revert to driver version 2.1.3...

8.6CVSS8AI score0.00898EPSS
Exploits0References3
CVE
CVEadded 2024/12/24 4:15 p.m.315 views

CVE-2024-12745

Summary: CVE-2024-12745 affects the Amazon Redshift Python Connector (version 2.1.4). The vulnerability is a SQL injection occurring through the metadata APIs get_schemas, get_tables, and get_columns, potentially enabling elevated privileges. Impact and remediation: Upgrade to driver version 2.1....

8.6CVSS8.4AI score0.00898EPSS
Exploits0References3Affected Software1
CVE
CVEadded 2024/12/24 4:12 p.m.87 views

CVE-2024-12744

CVE-2024-12744 affects the Amazon Redshift JDBC Driver v2.1.0.31, where a SQL injection via the getSchemas, getTables, or getColumns metadata APIs can grant escalated privileges. The issue is fixed in driver v2.1.0.32; guidance is to upgrade to 2.1.0.32 or revert to 2.1.0.30. Exploitation details...

8.6CVSS8.4AI score0.0076EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichmentadded 2024/12/24 4:12 p.m.12 views

CVE-2024-12744 SQL Injection in the Amazon Redshift JDBC Driver affecting v2.1.0.31

A SQL injection in the Amazon Redshift JDBC Driver in v2.1.0.31 allows a user to gain escalated privileges via the getSchemas, getTables, or getColumns Metadata APIs. Users should upgrade to the driver version 2.1.0.32 or revert to driver version 2.1.0.30...

8.6CVSS8.3AI score0.0076EPSS
Exploits0References3
Cvelist
Cvelistadded 2024/12/24 4:12 p.m.17 views

CVE-2024-12744 SQL Injection in the Amazon Redshift JDBC Driver affecting v2.1.0.31

A SQL injection in the Amazon Redshift JDBC Driver in v2.1.0.31 allows a user to gain escalated privileges via the getSchemas, getTables, or getColumns Metadata APIs. Users should upgrade to the driver version 2.1.0.32 or revert to driver version 2.1.0.30...

8.6CVSS0.0076EPSS
Exploits0References3
CNNVD
CNNVDadded 2024/12/24 12:0 a.m.2 views

Redshift JDBC Driver 安全漏洞

Redshift JDBC Driver is an open source Redshift JDBC driver for Amazon Web Services. A security vulnerability exists in Redshift JDBC Driver version 2.1.0.31, which stems from an SQL injection vulnerability that could allow a user to gain escalated privileges via the getSchemas, getTables, or...

8.6CVSS7.8AI score0.0076EPSS
Exploits0References2
CNNVD
CNNVDadded 2024/12/24 12:0 a.m.3 views

redshift_connector 安全漏洞

redshiftconnector is an Amazon Web Services open source Amazon Redshift connector for Python. A security vulnerability exists in redshiftconnector version 2.1.4 that stems from the presence of a SQL injection vulnerability that allows escalated privileges to be gained via the getschemas, gettable...

8.6CVSS7.5AI score0.00898EPSS
Exploits0References2
CNNVD
CNNVDadded 2024/12/24 12:0 a.m.2 views

Redshift ODBC Driver 安全漏洞

Redshift ODBC Driver is an Amazon ODBC driver that is open source by Amazon Web Services. A security vulnerability exists in Redshift ODBC Driver version 2.1.5.0, which stems from an SQL injection vulnerability that could allow a user to gain escalated privileges via the SQLTables or SQLColumns...

8.6CVSS7.9AI score0.00658EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2024/12/23 12:0 a.m.3 views

PT-2024-9952

Name of the Vulnerable Software and Affected Versions: Amazon Redshift ODBC Driver version 2.1.5.0 Description: A SQL injection issue in the Amazon Redshift ODBC Driver is related to the lack of protection for the SQL query structure. This can allow a remote attacker to gain escalated privileges...

8.6CVSS7.9AI score0.00658EPSS
Exploits0References25
Positive Technologies
Positive Technologiesadded 2024/12/18 12:0 a.m.2 views

PT-2024-10194

Name of the Vulnerable Software and Affected Versions Amazon Redshift Python Connector version 2.1.4 Description A SQL injection in the Amazon Redshift Python Connector allows a user to gain escalated privileges via the get schemas, get tables, or get columns Metadata APIs. Recommendations For...

8.6CVSS7.8AI score0.00898EPSS
Exploits0References25
Positive Technologies
Positive Technologiesadded 2024/12/18 12:0 a.m.3 views

PT-2024-10193 · Amazon · Amazon Redshift Jdbc Driver

Name of the Vulnerable Software and Affected Versions: Amazon Redshift JDBC Driver version 2.1.0.31 Description: A SQL injection issue in the Amazon Redshift JDBC Driver allows a user to gain escalated privileges via the getSchemas, getTables, or getColumns Metadata APIs. This issue can be...

8.6CVSS8.2AI score0.0076EPSS
Exploits0References22
Rows per page
Query Builder