23 matches found
CVE-2026-48133
When the Identity Awareness blade is enabled with Browser-Based Authentication, an unauthenticated user may be able to read certain internal files on the Security Gateway...
CVE-2026-48133
When the Identity Awareness blade is enabled with Browser-Based Authentication, an unauthenticated user may be able to read certain internal files on the Security Gateway...
CVE-2026-48133
The CVE-2026-48133 issue affects the Identity Awareness blade when Browser-Based Authentication is enabled on the Security Gateway, allowing an unauthenticated attacker to read certain internal files. The NVD entry details no exploitation specifics beyond the unauthenticated local file read, and ...
EUVD-2026-31820
When the Identity Awareness blade is enabled with Browser-Based Authentication, an unauthenticated user may be able to read certain internal files on the Security Gateway...
CVE-2026-48133 Identity Awareness Captive Portal - Unauthenticated Local File Inclusion
When the Identity Awareness blade is enabled with Browser-Based Authentication, an unauthenticated user may be able to read certain internal files on the Security Gateway...
CVE-2026-48133
When the Identity Awareness blade is enabled with Browser-Based Authentication, an unauthenticated user may be able to read certain internal files on the Security Gateway...
PT-2026-43237
When the Identity Awareness blade is enabled with Browser-Based Authentication, an unauthenticated user may be able to read certain internal files on the Security Gateway...
CVE-2026-48133 Identity Awareness Captive Portal - Unauthenticated Local File Inclusion
Symptoms - When the Identity Awareness blade is enabled with Browser-Based Authentication, an unauthenticated user may be able to read certain internal files on the Security Gateway. - This issue affects: R82.10 with Jumbo Hotfix Take 6 or below R82 with Jumbo Hotfix Take 91 or below R81.20 with...
CVE-2026-35561
Insufficient authentication security controls in the browser-based authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to intercept or hijack authentication sessions due to insufficient protections in the browser-based authentication flows. To remediat...
CVE-2026-5485 OS command injection in Amazon Athena ODBC driver on Linux
OS command injection in the browser-based authentication component in Amazon Athena ODBC driver before 2.0.5.1 on Linux might allow a threat actor to execute arbitrary code by using specially crafted connection parameters that are loaded by the driver during a local user-initiated connection. To...
CVE-2026-35561 Insufficient authentication security controls in browser-based authentication components in Amazon Athena ODBC driver
Insufficient authentication security controls in the browser-based authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to intercept or hijack authentication sessions due to insufficient protections in the browser-based authentication flows. To remediat...
CVE-2026-35561 Insufficient authentication security controls in browser-based authentication components in Amazon Athena ODBC driver
Insufficient authentication security controls in the browser-based authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to intercept or hijack authentication sessions due to insufficient protections in the browser-based authentication flows. To remediat...
Amazon Athena ODBC driver 安全漏洞
The Amazon Athena ODBC driver is a database connection driver developed by the American company Amazon. Versions of the Amazon Athena ODBC driver prior to 2.1.0.0 contained security vulnerabilities. These vulnerabilities stemmed from insufficient security controls in the browser-based...
PT-2026-30220
Insufficient authentication security controls in the browser-based authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to intercept or hijack authentication sessions due to insufficient protections in the browser-based authentication flows. To remediat...
EUVD-2022-35445
Malicious code in bioql PyPI...
EUVD-2022-34277
Malicious code in bioql PyPI...
CVE-2022-29971
An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Athena ODBC Driver 1.1.1 through 1.1.x before 1.1.17 may allow a local user to execute arbitrary code...
Design/Logic Flaw
An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Athena ODBC Driver 1.1.1 through 1.1.x before 1.1.17 may allow a local user to execute arbitrary code...
Design/Logic Flaw
An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Athena JDBC Driver 2.0.25 through 2.0.28 may allow a local user to execute code. NOTE: this is different from CVE-2022-29971...
Design/Logic Flaw
An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Redshift JDBC Driver 1.2.40 through 1.2.55 may allow a local user to execute code. NOTE: this is different from CVE-2022-29972...