PT-2026-40461

Name of the Vulnerable Software and Affected Versions Claris FileMaker Cloud versions prior to 2.22.0.5 Description A Remote Code Execution issue allows a user with Admin Console privileges to inject arbitrary operating system commands. This occurs due to unsanitized input within the External ODB...

CVE-2026-35562

Allocation of resources without limits in the parsing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to cause a denial of service by delivering crafted input that triggers excessive resource consumption during the driver's parsing operations. To remediate this...

EUVD-2026-18859

Allocation of resources without limits in the parsing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to cause a denial of service by delivering crafted input that triggers excessive resource consumption during the driver's parsing operations. To remediate this...

EUVD-2026-18861

OS command injection in the browser-based authentication component in Amazon Athena ODBC driver before 2.0.5.1 on Linux might allow a threat actor to execute arbitrary code by using specially crafted connection parameters that are loaded by the driver during a local user-initiated connection. To...

CVE-2026-35562 Allocation of resources without limits in parsing components in Amazon Athena ODBC driver

Allocation of resources without limits in the parsing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to cause a denial of service by delivering crafted input that triggers excessive resource consumption during the driver's parsing operations. To remediate this...

CVE-2026-35561

Insufficient authentication security controls in the browser-based authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to intercept or hijack authentication sessions due to insufficient protections in the browser-based authentication flows. To remediat...

CVE-2025-12100

Incorrect Default Permissions vulnerability in MongoDB BI Connector ODBC driver allows Privilege Escalation.This issue affects BI Connector ODBC driver: from 1.0.0 through 1.4.6...

CVE-2025-12100

CVE-2025-12100 affects MongoDB BI Connector ODBC driver versions 1.0.0–1.4.6, due to an incorrectly set default privilege that enables local privilege escalation. The issue is documented across multiple sources (including Red Hat and OSV entries) with the same description. A fix appears in v1.4.7...

EUVD-2025-35637

Incorrect Default Permissions vulnerability in MongoDB Atlas SQL ODBC driver on Windows allows Privilege Escalation.This issue affects MongoDB Atlas SQL ODBC driver: from 1.0.0 through 2.0.0...

USN-7780-1 qtbase-opensource-src vulnerabilities

It was discovered that Qt did not correctly handle certain inputs when using the SQL ODBC driver plugin. An attacker could possibly use this issue to cause a denial of service. CVE-2023-24607 It was discovered that Qt did not correctly parse certain strict-transport- security headers. An attacker...

Debian dla-4300 : libapache2-mod-shib - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4300 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4300-1 [email protected] https://www.debian.org/lts/security/...

CVE-2025-9943

An SQL injection vulnerability has been identified in the "ID" attribute of the SAML response when the replay cache of the Shibboleth Service Provider SP is configured to use an SQL database as storage service. An unauthenticated attacker can exploit this issue via blind SQL injection, allowing f...

CVE-2025-9943

An SQL injection vulnerability has been identified in the "ID" attribute of the SAML response when the replay cache of the Shibboleth Service Provider SP is configured to use an SQL database as storage service. An unauthenticated attacker can exploit this issue via blind SQL injection, allowing f...

UBUNTU-CVE-2025-9943

An SQL injection vulnerability has been identified in the "ID" attribute of the SAML response when the replay cache of the Shibboleth Service Provider SP is configured to use an SQL database as storage service. An unauthenticated attacker can exploit this issue via blind SQL injection, allowing f...

CVE-2025-9943 Unauthenticated SQL Injection Vulnerability in Shibboleth Service Provider

An SQL injection vulnerability has been identified in the "ID" attribute of the SAML response when the replay cache of the Shibboleth Service Provider SP is configured to use an SQL database as storage service. An unauthenticated attacker can exploit this issue via blind SQL injection, allowing f...

CVE-2025-9943

An SQL injection vulnerability has been identified in the "ID" attribute of the SAML response when the replay cache of the Shibboleth Service Provider SP is configured to use an SQL database as storage service. An unauthenticated attacker can exploit this issue via blind SQL injection, allowing f...

Linux Distros Unpatched Vulnerability : CVE-2022-26651

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Asterisk through 19.x and Certified Asterisk through 16.8-cert13. The funcodbc module provides possibly inadequate escaping...

PT-2024-40014 · Unknown · Codeigniter

Name of the Vulnerable Software and Affected Versions: CodeIgniter version 3.1.0 and earlier Description: A critical security issue was found in the ODBC database driver, which could lead to SQL injection. This issue has been mitigated with crucial fixes in the update. The query builder and escap...

Vulnerabilities fixed in Micorosft SQL Server

Microsoft has fixed vulnerabilities in SQL Server. The vulnerabilities are located in the various ODBC and OLE DB drivers and allow a malicious party to execute arbitrary code execute application privileges, potentially gaining access gain access to sensitive data. Successful abuse requires the...

CVE-2024-28935

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability...