CVE-2023-30535

Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Users of the Snowflake JDBC driver were vulnerable to a command injection vulnerability. An attacker could set up a malicious, publicly accessible server which responds to...

CVE-2025-30535

Cross-Site Request Forgery CSRF vulnerability in muro External image replace external-image-replace allows Cross Site Request Forgery.This issue affects External image replace: from n/a through = 1.0.8...

CVE-2025-30535 WordPress External image replace plugin <= 1.0.8 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross-Site Request Forgery CSRF vulnerability in muro External image replace external-image-replace allows Cross Site Request Forgery.This issue affects External image replace: from n/a through = 1.0.8...

CVE-2024-30535

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WhiteStudio Easy Form Builder.This issue affects Easy Form Builder: from n/a through 3.7.4...

CVE-2024-30535

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WhiteStudio Easy Form Builder.This issue affects Easy Form Builder: from n/a through 3.7.4...

CVE-2024-30535

CVE-2024-30535 is an SQL Injection vulnerability in WordPress plugin Easy Form Builder (White Studio Easy Form Builder). Affected versions: Easy Form Builder from n/a through 3.7.4. Root cause: Improper Neutralization of Special Elements used in SQL Command. Impact as per CVSS: high (score 8.5) w...

CVE-2024-30535 WordPress Easy Form Builder plugin <= 3.7.4 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WhiteStudio Easy Form Builder.This issue affects Easy Form Builder: from n/a through 3.7.4...

Security Bulletin: IBM Security Guardium is affected by a snowflake-jdbc-3.13.8.jar vulnerability (CVE-2023-30535)

Summary IBM Security Guardium has fixed this vulnerability Vulnerability Details CVEID:CVE-2023-30535 DESCRIPTION: Snowflake Computing Snowflake JDBC could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the SSO URL...

Oracle GoldenGate for Big Data RCE (October 2023 CPU)

According to its self-reported version number, the Oracle GoldenGate for Big Data application located on the remote host is 21.3 = 21.10. It is, therefore, affected by a remote code execution vulnerability: - Vulnerability in the GoldenGate Big Data product of Oracle GoldenGate component:...

CVE-2023-30535

creationtimestamp| type| source ---|---|--- 2023-04-15 00:26:27+00:00| seen| https://t.me/cibsecurity/62201 2023-04-27 19:58:34+00:00| seen| https://t.me/truesecator/4331...

CVE-2023-30535

Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Users of the Snowflake JDBC driver were vulnerable to a command injection vulnerability. An attacker could set up a malicious, publicly accessible server which responds to...

CVE-2023-30535 Snowflake JDBC vulnerable to command injection via SSO URL authentication

Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Users of the Snowflake JDBC driver were vulnerable to a command injection vulnerability. An attacker could set up a malicious, publicly accessible server which responds to...

CVE-2023-30535

CVE-2023-30535 affects Snowflake JDBC (type 4 driver). The issue is a command injection via the SSO URL authentication payload. It was patched in Snowflake JDBC driver version 3.13.29; all users should upgrade to 3.13.29 or later. Related IBM/Oracle advisories note the CVE in the context of Oracl...

CVE-2023-30535 Snowflake JDBC vulnerable to command injection via SSO URL authentication

Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Users of the Snowflake JDBC driver were vulnerable to a command injection vulnerability. An attacker could set up a malicious, publicly accessible server which responds to...

com.damavis:damavis-spark-snowflake_2.12 (>=0.3.0 <=0.4.4), com.linkedin.feathr:feathr_2.12 (>=0.1.0 <=1.0.5-rc5) +49 more potentially affected by CVE-2023-30535 via net.snowflake:snowflake-jdbc (>=3.0.0 <=3.13.28)

net.snowflake:snowflake-jdbc MAVEN version =3.0.0, =0.3.0, =0.1.0, =v1.2.0.1-1-gadc43b8, =0.9.0, =0.9.0, =0.10.1, =1.0.0, =1.0.0, =3.0.0.Final, =3.0.0.Final, =3.1.3.Final and more Source cves: CVE-2023-30535 Source advisory: OSV:GHSA-4G3J-C4WG-6J7X...

K52125139: NGINX Ingress Controller vulnerability CVE-2022-30535

Security Advisory Description An attacker authorized to create or update ingress objects can obtain the secrets available to the NGINX Ingress Controller. CVE-2022-30535 Impact This vulnerability may allow an authenticated attacker with network access to NGINX Ingress Controller ingress objects t...

SUSE CVE-2021-30535

Double free in ICU in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2022-30535

creationtimestamp| type| source ---|---|--- 2022-08-04 22:20:05+00:00| seen| https://t.me/cibsecurity/47582...

CVE-2022-30535

In versions 2.x before 2.3.0 and all versions of 1.x, An attacker authorized to create or update ingress objects can obtain the secrets available to the NGINX Ingress Controller. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2022-30535 NGINX Ingress Controller vulnerability CVE-2022-30535

In versions 2.x before 2.3.0 and all versions of 1.x, An attacker authorized to create or update ingress objects can obtain the secrets available to the NGINX Ingress Controller. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...