39 matches found

RedhatCVE
added 2025/05/23 2:11 a.m. | 9 views

CVE-2023-30535

Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing a Java program to connect to Snowflake. Users of the Snowflake JDBC driver were vulnerable to a command injection vulnerability. An attacker could set up a malicious, publicly accessible server which responds to...

CVSS 8.8 | AI score 7.8 | EPSS 0.01668
Exploits: 0 | References: 1

RedhatCVE
added 2025/03/26 2:43 p.m. | 4 views

CVE-2025-30535

Cross-Site Request Forgery (CSRF) vulnerability in muro External image replace external-image-replace allows Cross Site Request Forgery. This issue affects External image replace: from n/a through <= 1.0.8...

CVSS 4.3 | AI score 7.2 | EPSS 0.00197
Exploits: 0 | References: 1

Cvelist
added 2025/03/24 1:46 p.m. | 12 views

CVE-2025-30535 WordPress External image replace plugin <= 1.0.8 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in muro External image replace external-image-replace allows Cross Site Request Forgery. This issue affects External image replace: from n/a through <= 1.0.8...

CVSS 4.3 | EPSS 0.00197
Exploits: 0 | References: 1

RedhatCVE
added 2025/02/05 9:25 a.m. | 13 views

CVE-2024-30535

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WhiteStudio Easy Form Builder. This issue affects Easy Form Builder: from n/a through 3.7.4...

CVSS 8.5 | AI score 8.9 | EPSS 0.00488
Exploits: 0 | References: 1

NVD
added 2024/03/31 7:15 p.m. | 16 views

CVE-2024-30535

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WhiteStudio Easy Form Builder. This issue affects Easy Form Builder: from n/a through 3.7.4...

CVSS 8.5 | AI score 8.9 | EPSS 0.00488
Exploits: 0 | References: 1

Vulnrichment
added 2024/03/31 6:16 p.m. | 20 views

CVE-2024-30535 WordPress Easy Form Builder plugin <= 3.7.4 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WhiteStudio Easy Form Builder. This issue affects Easy Form Builder: from n/a through 3.7.4...

CVSS 8.5 | AI score 7.7 | EPSS 0.00488
Exploits: 0 | References: 1

CVE
added 2024/03/31 6:16 p.m. | 48 views

CVE-2024-30535

CVE-2024-30535 is an SQL Injection vulnerability in WordPress plugin Easy Form Builder (White Studio Easy Form Builder). Affected versions: Easy Form Builder from n/a through 3.7.4. Root cause: Improper Neutralization of Special Elements used in SQL Command. Impact as per CVSS: high (score 8.5) w...

CVSS 8.5 | AI score 8.9 | EPSS 0.00488
Exploits: 0 | References: 1

IBM Security Bulletins
added 2023/12/14 6:36 p.m. | 40 views

Security Bulletin: IBM Security Guardium is affected by a snowflake-jdbc-3.13.8.jar vulnerability (CVE-2023-30535)

Summary: IBM Security Guardium has fixed this vulnerability. Vulnerability Details: CVEID: CVE-2023-30535. DESCRIPTION: Snowflake Computing Snowflake JDBC could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the SSO URL...

CVSS 8.8 | AI score 8.3 | EPSS 0.01668
Exploits: 0 | Affected Software: 1

Tenable Nessus
added 2023/10/18 12:0 a.m. | 27 views

Oracle GoldenGate for Big Data RCE (October 2023 CPU)

According to its self-reported version number, the Oracle GoldenGate for Big Data application located on the remote host is 21.3 = 21.10. It is, therefore, affected by a remote code execution vulnerability: - Vulnerability in the GoldenGate Big Data product of Oracle GoldenGate component:...

CVSS 8.8 | AI score 8.9 | EPSS 0.01668
Exploits: 0 | References: 3

Circl
added 2023/04/15 12:26 a.m. | 8 views

CVE-2023-30535

creationtimestamp | type | source
---|---|---
2023-04-15 00:26:27+00:00 | seen | https://t.me/cibsecurity/62201
2023-04-27 19:58:34+00:00 | seen | https://t.me/truesecator/4331
...

CVSS 8.8 | AI score 8.2 | EPSS 0.01668
Exploits: 0 | References: 2

NVD
added 2023/04/14 8:15 p.m. | 29 views

CVE-2023-30535

Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing a Java program to connect to Snowflake. Users of the Snowflake JDBC driver were vulnerable to a command injection vulnerability. An attacker could set up a malicious, publicly accessible server which responds to...

CVSS 8.8 | AI score 8.3 | EPSS 0.01668
Exploits: 0 | References: 2

OSV
added 2023/04/14 7:30 p.m. | 22 views

CVE-2023-30535 Snowflake JDBC vulnerable to command injection via SSO URL authentication

Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing a Java program to connect to Snowflake. Users of the Snowflake JDBC driver were vulnerable to a command injection vulnerability. An attacker could set up a malicious, publicly accessible server which responds to...

CVSS 7.3 | AI score 9.3 | EPSS 0.01668
Exploits: 0 | References: 4

CVE
added 2023/04/14 7:30 p.m. | 84 views

CVE-2023-30535

CVE-2023-30535 affects Snowflake JDBC (type 4 driver). The issue is a command injection via the SSO URL authentication payload. It was patched in Snowflake JDBC driver version 3.13.29; all users should upgrade to 3.13.29 or later. Related IBM/Oracle advisories note the CVE in the context of Oracl...

CVSS 8.8 | AI score 8.2 | EPSS 0.01668
Exploits: 0 | References: 2 | Affected Software: 1

Vulnrichment
added 2023/04/14 7:30 p.m. | 9 views

CVE-2023-30535 Snowflake JDBC vulnerable to command injection via SSO URL authentication

Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing a Java program to connect to Snowflake. Users of the Snowflake JDBC driver were vulnerable to a command injection vulnerability. An attacker could set up a malicious, publicly accessible server which responds to...

CVSS 7.3 | AI score 9 | EPSS 0.01668
Exploits: 0 | References: 2

vulnersOsv
added 2023/04/14 6:28 p.m. | 4 views

com.damavis:damavis-spark-snowflake_2.12 (>=0.3.0 <=0.4.4), com.linkedin.feathr:feathr_2.12 (>=0.1.0 <=1.0.5-rc5) +49 more potentially affected by CVE-2023-30535 via net.snowflake:snowflake-jdbc (>=3.0.0 <=3.13.28)

net.snowflake:snowflake-jdbc MAVEN version =3.0.0, =0.3.0, =0.1.0, =1.2.0.0-rc2, =0.9.0, =0.9.0, =0.10.1, =1.0.0, =1.0.0, =3.0.0.Final, =3.0.0.Final, =3.1.3.Final and more Source cves: CVE-2023-30535 Source advisory: OSV:GHSA-4G3J-C4WG-6J7X...

CVSS 8.8 | AI score 7.7 | EPSS 0.01668
Exploits: 0

F5 Networks
added 2023/02/21 7:56 p.m. | 61 views

K52125139: NGINX Ingress Controller vulnerability CVE-2022-30535

Security Advisory Description: An attacker authorized to create or update ingress objects can obtain the secrets available to the NGINX Ingress Controller. CVE-2022-30535. Impact: This vulnerability may allow an authenticated attacker with network access to NGINX Ingress Controller ingress objects t...

CVSS 6.5 | AI score 6.3 | EPSS 0.00586
Exploits: 0 | Affected Software: 1

SUSE CVE
added 2023/02/15 3:42 a.m. | 2 views

SUSE CVE-2021-30535

Double free in ICU in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVSS 8.8 | AI score 8.8 | EPSS 0.01128
Exploits: 1 | References: 5

Circl
added 2022/08/04 10:20 p.m. | 10 views

CVE-2022-30535

creationtimestamp | type | source
---|---|---
2022-08-04 22:20:05+00:00 | seen | https://t.me/cibsecurity/47582
...

CVSS 6.5 | AI score 6.3 | EPSS 0.00586
Exploits: 0 | References: 1

OSV
added 2022/08/04 6:15 p.m. | 17 views

CVE-2022-30535

In versions 2.x before 2.3.0 and all versions of 1.x, an attacker authorized to create or update ingress objects can obtain the secrets available to the NGINX Ingress Controller. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...

CVSS 6.5 | AI score 6.9
Exploits: 0 | References: 1

CVE
added 2022/08/04 5:45 p.m. | 100 views

CVE-2022-30535

CVE-2022-30535: summary Ingress Controller for NGINX (NGINX Ingress Controller) versions 2.x before 2.3.0 and all 1.x are affected. The issue allows an attacker who can create or update ingress objects to access secrets stored by the NGINX Ingress Controller, constituting a control-plane data dis...

CVSS 6.5 | AI score 6.7 | EPSS 0.00586
Exploits: 0 | References: 1 | Affected Software: 1