8 matches found
EUVD-2024-52643
Malicious code in bioql PyPI...
CVE-2024-54660
A JNDI injection issue was discovered in Cloudera JDBC Connector for Hive before 2.6.26 and JDBC Connector for Impala before 2.6.35. Attackers can inject malicious parameters into the JDBC URL, triggering JNDI injection during the process when the JDBC Driver uses this URL to connect to the...
CVE-2024-54660
A JNDI injection issue was discovered in Cloudera JDBC Connector for Hive before 2.6.26 and JDBC Connector for Impala before 2.6.35. Attackers can inject malicious parameters into the JDBC URL, triggering JNDI injection during the process when the JDBC Driver uses this URL to connect to the...
CVE-2024-54660
CVE-2024-54660 affects Cloudera JDBC Connector for Hive (before 2.6.26) and JDBC Connector for Impala (before 2.6.35). The issue is a JNDI injection triggered by untrusted values in the JAAS-using krbJAASFile parameter within the JDBC URL during connection, allowing potential remote code executio...
CVE-2024-54660
A JNDI injection issue was discovered in Cloudera JDBC Connector for Hive before 2.6.26 and JDBC Connector for Impala before 2.6.35. Attackers can inject malicious parameters into the JDBC URL, triggering JNDI injection during the process when the JDBC Driver uses this URL to connect to the...
Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer operands that use the JDBC connector may be vulnerable to denial of service due to CVE-2022-25647
Summary Google Gson is used by IBM App Connect Enterprise Certified Container in the JDBC connector. IBM App Connect Enterprise Certified Container IntegrationServer operands that use the JDBC connector may be vulnerable to denial of service. This bulletin provides patch information to address th...
CVE-2021-36774 Mysql JDBC Connector Deserialize RCE
Apache Kylin allows users to read data from other database systems using JDBC. The MySQL JDBC driver supports certain properties, which, if left unmitigated, can allow an attacker to execute arbitrary code from a hacker-controlled malicious MySQL server within Kylin server processes. This issue...
(0Day) HP Operations Orchestration RSScheduler Service JDBC Connector Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Operations Orchestration. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RSScheduler service JDBC component of Operations Orchestra which liste...