Untrusted Search Path

Overview software.amazon.jdbc:aws-advanced-jdbc-wrapper is an Amazon Web Services AWS Advanced JDBC Wrapper Affected versions of this package are vulnerable to Untrusted Search Path in the GlobalAuroraPgDialect, which is included in the public schema. A low-privileged user can elevate privileges ...

io.camunda:camunda-zeebe (>=8.9.0 <=8.10.0-alpha1-rc3), org.finos.legend.engine:legend-engine-xt-relationalStore-aurora-execution (>=4.128.0 <=4.129.11) +3 more potentially affected by CVE-2026-11400 via software.amazon.jdbc:aws-advanced-jdbc-wrapper (>=3.2.0 <=4.0.0)

software.amazon.jdbc:aws-advanced-jdbc-wrapper MAVEN version =3.2.0, =8.9.0, =4.128.0, =4.129.11 - org.wildfly:wildfly-datasources-galleon-pack =11.4.0.Final - org.wildfly:wildfly-datasources-galleon-pack-common =11.4.0.Final - org.wildfly:wildfly-datasources-preview-galleon-pack =11.4.0.Final...

ch.admin.bit.jeap:jeap-archrepo-docgen (>=2.10.0 <=3.1.1), ch.admin.bit.jeap:jeap-archrepo-importer-openapi (>=1.10.0 <=3.1.1) +8 more potentially affected by CVE-2025-12967 via software.amazon.jdbc:aws-advanced-jdbc-wrapper (>=2.3.7 <=2.5.6)

software.amazon.jdbc:aws-advanced-jdbc-wrapper MAVEN version =2.3.7, =2.10.0, =1.10.0, =1.15.0, =1.10.0, =1.10.0, =1.10.0, =1.10.0, =17.16.0, =2.0.0, =26.6.0, =26.6.2 Source cves: CVE-2025-12967 Source advisory: OSV:GHSA-7XW4-G7MM-R4HH...

EUVD-2024-1847

Malicious code in bioql PyPI...

CVE-2024-32888 Amazon JDBC Driver for Redshift SQL Injection via line comment generation

The Amazon JDBC Driver for Redshift is a Type 4 JDBC driver that provides database connectivity through the standard JDBC application program interfaces APIs available in the Java Platform, Enterprise Editions. Prior to version 2.1.0.28, SQL injection is possible when using the non-default...