Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
šŸ”„ Daily Hot!
šŸ’ŖšŸ½ CPE Enhanced Advisories
šŸ•¶ Shadow Exploits
šŸ•µšŸ¼ Vulners CPE
šŸ” Security news
šŸ’» Exploit updates
šŸ“‘ Blogs review
šŸ§ Linux vulnerabilities
šŸž Bugbounty
šŸ¤– AI High Score
šŸ“° CVE Feed
show all

3 matches found

Cvelist
Cvelistā€¢added 2025/05/27 8:17 p.m.ā€¢13 views

CVE-2025-5279 Issue with Amazon Redshift Python Connector and the BrowserAzureOAuth2CredentialsProvider plugin

When the Amazon Redshift Python Connector is configured with the BrowserAzureOAuth2CredentialsProvider plugin, the driver skips the SSL certificate validation step for the Identity Provider. An insecure connection could allow an actor to intercept the token exchange process and retrieve an access...

7CVSS0.00191EPSS
Exploits0References3
CVE
CVEā€¢added 2024/12/24 4:15 p.m.ā€¢314 views

CVE-2024-12745

Summary: CVE-2024-12745 affects the Amazon Redshift Python Connector (version 2.1.4). The vulnerability is a SQL injection occurring through the metadata APIs get_schemas, get_tables, and get_columns, potentially enabling elevated privileges. Impact and remediation: Upgrade to driver version 2.1....

8.6CVSS8.4AI score0.00898EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologiesā€¢added 2024/12/18 12:0 a.m.ā€¢2 views

PT-2024-10194

Name of the Vulnerable Software and Affected Versions Amazon Redshift Python Connector version 2.1.4 Description A SQL injection in the Amazon Redshift Python Connector allows a user to gain escalated privileges via the get schemas, get tables, or get columns Metadata APIs. Recommendations For...

8.6CVSS7.8AI score0.00898EPSS
Exploits0References25
Rows per page
Query Builder