Lucene search
K

1026 matches found

NVD
NVD
added 2026/04/03 9:17 p.m.6 views

CVE-2026-35559

Out-of-bounds write in the query processing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to crash the driver by using specially crafted data that is processed by the driver during query operations. To remediate this issue, users should upgrade to version 2.1.0...

7.1CVSS0.00271EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/04/03 8:15 p.m.1 views

CVE-2026-35558

Improper neutralization of special elements in the authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to execute arbitrary code or redirect authentication flows by using specially crafted connection parameters that are processed by the driver during...

7.8CVSS6.3AI score0.00274EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/04/03 8:15 p.m.1 views

CVE-2026-35558 Improper neutralization of special elements in authentication components in Amazon Athena ODBC driver

Improper neutralization of special elements in the authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to execute arbitrary code or redirect authentication flows by using specially crafted connection parameters that are processed by the driver during...

7.8CVSS6.3AI score0.00274EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/04/03 8:15 p.m.21 views

CVE-2026-35558 Improper neutralization of special elements in authentication components in Amazon Athena ODBC driver

Improper neutralization of special elements in the authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to execute arbitrary code or redirect authentication flows by using specially crafted connection parameters that are processed by the driver during...

7.8CVSS0.00274EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/04/03 8:13 p.m.3 views

CVE-2026-35559

Out-of-bounds write in the query processing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to crash the driver by using specially crafted data that is processed by the driver during query operations. To remediate this issue, users should upgrade to version 2.1.0...

7.1CVSS5.9AI score0.00271EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/04/03 8:13 p.m.10 views

CVE-2026-5485

OS command injection in the browser-based authentication component in Amazon Athena ODBC driver before 2.0.5.1 on Linux might allow a threat actor to execute arbitrary code by using specially crafted connection parameters that are loaded by the driver during a local user-initiated connection. To...

7.8CVSS6.3AI score0.00727EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/04/03 8:13 p.m.3 views

CVE-2026-5485 OS command injection in Amazon Athena ODBC driver on Linux

OS command injection in the browser-based authentication component in Amazon Athena ODBC driver before 2.0.5.1 on Linux might allow a threat actor to execute arbitrary code by using specially crafted connection parameters that are loaded by the driver during a local user-initiated connection. To...

7.8CVSS6.3AI score0.00727EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/04/03 8:13 p.m.17 views

CVE-2026-5485 OS command injection in Amazon Athena ODBC driver on Linux

OS command injection in the browser-based authentication component in Amazon Athena ODBC driver before 2.0.5.1 on Linux might allow a threat actor to execute arbitrary code by using specially crafted connection parameters that are loaded by the driver during a local user-initiated connection. To...

7.8CVSS0.00727EPSS
Exploits0References6
CVE
CVE
added 2026/04/03 8:10 p.m.10 views

CVE-2026-35560

Affected software: Amazon Athena ODBC Driver prior to 2.1.0.0. Issue: Improper certificate validation in the identity provider connection components can enable a man‑in‑the‑middle attack to intercept authentication credentials when connecting to external identity providers. Impact: Credential int...

9.1CVSS5.9AI score0.00261EPSS
Exploits0References6Affected Software1
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.15 views

Amazon Athena ODBC driver 安全漏洞

The Amazon Athena ODBC driver is a database connection driver developed by the American company Amazon. Versions of the Amazon Athena ODBC driver prior to 2.1.0.0 contained security vulnerabilities. These vulnerabilities stemmed from insufficient security controls in the browser-based...

9.8CVSS5.8AI score0.00473EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.9 views

Amazon Athena ODBC driver 安全漏洞

The Amazon Athena ODBC driver is a database connection driver developed by the American company Amazon. Versions of the Amazon Athena ODBC driver prior to 2.0.5.1 contained security vulnerabilities. These vulnerabilities stemmed from the browser-based authentication component’s ability to execute...

7.8CVSS6.1AI score0.00727EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

MiracleLinux 7 : unixODBC-2.3.1-14.el7 (AXSA:2019-4101:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4101:01 advisory. unixODBC: Buffer overflow in unicodetoansicopy can lead to crash or other unspecified impact CVE-2018-7409 unixODBC: Insecure buffer copy in...

9.8CVSS8AI score0.03082EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/10 12:0 a.m.5 views

PT-2025-46181

Name of the Vulnerable Software and Affected Versions AWS JDBC Wrapper versions prior to 2.6.5 AWS Go Wrapper versions prior to 2025-10-17 AWS NodeJS Wrapper versions prior to 2.0.1 AWS Python Wrapper versions prior to 1.4.0 AWS PGSQL ODBC driver versions prior to 1.0.1 Description An issue in AW...

8.6CVSS5.9AI score0.00438EPSS
Exploits0References33
Redos
Redos
added 2025/11/05 12:0 a.m.11 views

ROS-20251105-01

A vulnerability in the Apache Log4cxx C++ logging framework is related to the fact that when using the HTMLLayout, logger names are not properly escaped when written to an HTML file. Exploitation of the vulnerability could allow an attacker acting remotely to obtain sensitive data A vulnerability...

7.8CVSS7.2AI score0.0788EPSS
Exploits3
NVD
NVD
added 2025/10/23 9:15 p.m.12 views

CVE-2025-12100

Incorrect Default Permissions vulnerability in MongoDB BI Connector ODBC driver allows Privilege Escalation.This issue affects BI Connector ODBC driver: from 1.0.0 through 1.4.6...

8.8CVSS0.00123EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/23 9:2 p.m.11 views

CVE-2025-12100 MongoDB BI Connector ODBC driver installation via MSI may leave ACLs unset on custom installation directories

Incorrect Default Permissions vulnerability in MongoDB BI Connector ODBC driver allows Privilege Escalation.This issue affects BI Connector ODBC driver: from 1.0.0 through 1.4.6...

8.8CVSS0.00123EPSS
Exploits0References1
NVD
NVD
added 2025/10/23 1:15 a.m.14 views

CVE-2025-11575

Incorrect Default Permissions vulnerability in MongoDB Atlas SQL ODBC driver on Windows allows Privilege Escalation.This issue affects MongoDB Atlas SQL ODBC driver: from 1.0.0 through 2.0.0...

8.8CVSS0.00122EPSS
Exploits0References1
CVE
CVE
added 2025/10/23 12:22 a.m.21 views

CVE-2025-11575

CVE-2025-11575 affects MongoDB Atlas SQL ODBC driver for Windows, with an Incorrect Default Permissions issue that could allow Privilege Escalation. Affected versions are 1.0.0 through 2.0.0. The documents do not provide explicit exploitation details or a published fix/remediation; additional spe...

8.8CVSS7.2AI score0.00122EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/23 12:22 a.m.8 views

CVE-2025-11575 MongoDB Atlas SQL ODBC driver installation via MSI may leave ACLs unset on custom installation directories

Incorrect Default Permissions vulnerability in MongoDB Atlas SQL ODBC driver on Windows allows Privilege Escalation.This issue affects MongoDB Atlas SQL ODBC driver: from 1.0.0 through 2.0.0...

8.8CVSS0.00122EPSS
Exploits0References1
MongoDB
MongoDB
added 2025/10/09 2:14 p.m.9 views

MongoDB Atlas SQL ODBC driver installation via MSI may leave ACLs unset on custom installation directories

Incorrect Default Permissions vulnerability in MongoDB Atlas SQL ODBC driver on Windows allows Privilege Escalation.This issue affects MongoDB Atlas SQL ODBC driver: from 1.0.0 through 2.0.0...

8.8CVSS7.6AI score0.00122EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder