23 matches found
CVE-2021-27496
Datakit Software libraries CatiaV53dRead, CatiaV63dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing PRT files. This could lead to pointer dereferences of a value obtained from an untrusted source. An...
@regis-samurai/n8n (>=0.216.1 <=0.219.1), n8n-nodes-accelo (>=0.1.0 <=0.1.9) +11 more potentially affected by CVE-2026-27496 via n8n (>=0.138.0 <=0.93.0)
n8n NPM version =0.138.0, =0.216.1, =0.1.0, =0.18.0, =0.1.0, =0.1.0, =0.2.14, =0.1.0, =0.1.0, =0.0.2, =0.0.2, =1.1.3 Source cves: CVE-2026-27496 Source advisory: OSV:GHSA-XVH5-5QG4-X9QP...
CVE-2022-27496
Cross-site scripting vulnerability in Zero-channel BBS Plus v0.7.4 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...
CVE-2025-27496 vulnerabilities
Vulnerabilities for packages: trino, flyway...
CVE-2025-27496
creationtimestamp| type| source
---|---|---
2025-03-13 20:08:06+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114156928115504442
2025-03-13 21:28:42+00:00| seen| https://t.me/cvedetector/20250
2025-03-13 22:36:11+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkc5tg3f3z...
CVE-2025-27496 Snowflake JDBC Driver client-side encryption key in DEBUG logs
Snowflake, a platform for using artificial intelligence in the context of cloud computing, has a vulnerability in the Snowflake JDBC driver "Driver" in versions 3.0.13 through 3.23.0 of the driver. When the logging level was set to DEBUG, the Driver would log locally the client-side encryption...
be.ugent.idlab.knows:dataio (>=2.0.0 <=2.1.4), com.asemicanalytics:asemic-sql (>=1.0 <=1.13) +162 more potentially affected by CVE-2025-27496 via net.snowflake:snowflake-jdbc (>=3.10.2 <=3.23.0)
net.snowflake:snowflake-jdbc MAVEN version =3.10.2, =2.0.0, =1.0, =1.14, =1.1, =1.1.0, =1.0.5, =1.1.0, =1.1.0, =1.1.0, =0.2.0, =1.1.0, =0.3.0, =8.2.0-alpha.1, =0.1.0, =1.0.5-rc5 and more Source cves: CVE-2025-27496 Source advisory: OSV:GHSA-Q298-375F-5Q63...
be.ugent.idlab.knows:dataio (>=2.0.0 <=2.1.4), com.asemicanalytics:asemic-sql (>=1.0 <=1.13) +162 more potentially affected by CVE-2025-27496 via net.snowflake:snowflake-jdbc (>=3.10.2 <=3.23.0)
net.snowflake:snowflake-jdbc MAVEN version =3.10.2, =2.0.0, =1.0, =1.14, =1.1, =1.1.0, =1.0.5, =1.1.0, =1.1.0, =1.1.0, =0.2.0, =1.1.0, =0.3.0, =8.2.0-alpha.1, =0.1.0, =1.0.5-rc5 and more Source cves: CVE-2025-27496 Source advisory: SNYK:JAVA-NETSNOWFLAKE-9404321...
kernel security, bug fix, and enhancement update
4.18.0-513.24.19.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.2.9 security update
Red Hat OpenShift Service Mesh 2.2.9 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...
CVE-2023-27496
A flaw was found in Envoy. If Envoy is running with the OAuth filter enabled, a malicious actor could construct a request which would cause denial of service, crashing Envoy...
CVE-2023-27496
creationtimestamp| type| source
---|---|---
2023-04-05 00:25:42+00:00| seen| https://t.me/cibsecurity/61428...
CVE-2023-27496 vulnerabilities
Vulnerabilities for packages: envoy...
CVE-2023-27496 Envoy may crash when a redirect url without a state param is received in the oauth filter
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, the OAuth filter assumes that a state query param is present on any response that looks like an OAuth redirect response. Sending it a request with t...
CVE-2023-27496
CVE-2023-27496 affects the Envoy proxy. Prior to patch versions (1.26.0, 1.25.3, 1.24.4, 1.23.6, 1.22.9), an OAuth redirect response without the state parameter could cause abnormal termination of the Envoy process when the redirect path is requested. A patch is available in those lines; mitigati...
CVE-2022-27496
creationtimestamp| type| source
---|---|---
2022-03-31 12:18:21+00:00| seen| https://t.me/cibsecurity/39898...
CVE-2022-27496
Cross-site scripting vulnerability in Zero-channel BBS Plus v0.7.4 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...