Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/04/06 10:57 a.m.4 views

CVE-2026-35560

Improper certificate validation in the identity provider connection components in Amazon Athena ODBC driver before 2.1.0.0 might allow a man-in-the-middle threat actor to intercept authentication credentials due to insufficient default transport security when connecting to identity providers. Thi...

9.1CVSS5.9AI score0.00261EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/03 9:31 p.m.6 views

EUVD-2026-18851

Improper neutralization of special elements in the authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to execute arbitrary code or redirect authentication flows by using specially crafted connection parameters that are processed by the driver during...

7.8CVSS6.3AI score0.00274EPSS
Exploits0References7
NVD
NVD
added 2026/04/03 9:17 p.m.4 views

CVE-2026-35558

Improper neutralization of special elements in the authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to execute arbitrary code or redirect authentication flows by using specially crafted connection parameters that are processed by the driver during...

7.8CVSS0.00274EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/04/03 8:15 p.m.21 views

CVE-2026-35558 Improper neutralization of special elements in authentication components in Amazon Athena ODBC driver

Improper neutralization of special elements in the authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to execute arbitrary code or redirect authentication flows by using specially crafted connection parameters that are processed by the driver during...

7.8CVSS0.00274EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/04/03 8:15 p.m.2 views

CVE-2026-35558

Improper neutralization of special elements in the authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to execute arbitrary code or redirect authentication flows by using specially crafted connection parameters that are processed by the driver during...

7.8CVSS6.3AI score0.00274EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/04/03 8:13 p.m.3 views

CVE-2026-35559

Out-of-bounds write in the query processing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to crash the driver by using specially crafted data that is processed by the driver during query operations. To remediate this issue, users should upgrade to version 2.1.0...

7.1CVSS5.9AI score0.00271EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/04/03 8:10 p.m.20 views

CVE-2026-35561 Insufficient authentication security controls in browser-based authentication components in Amazon Athena ODBC driver

Insufficient authentication security controls in the browser-based authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to intercept or hijack authentication sessions due to insufficient protections in the browser-based authentication flows. To remediat...

9.1CVSS0.00473EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/04/03 8:10 p.m.3 views

CVE-2026-35560 Improper certificate validation in identity provider connection components in Amazon Athena ODBC driver

Improper certificate validation in the identity provider connection components in Amazon Athena ODBC driver before 2.1.0.0 might allow a man-in-the-middle threat actor to intercept authentication credentials due to insufficient default transport security when connecting to identity providers. Thi...

9.1CVSS5.9AI score0.00261EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/04/03 8:10 p.m.21 views

CVE-2026-35560 Improper certificate validation in identity provider connection components in Amazon Athena ODBC driver

Improper certificate validation in the identity provider connection components in Amazon Athena ODBC driver before 2.1.0.0 might allow a man-in-the-middle threat actor to intercept authentication credentials due to insufficient default transport security when connecting to identity providers. Thi...

9.1CVSS0.00261EPSS
Exploits0References6
Rows per page
Query Builder