39 matches found
EUVD-2009-4796
Malware in sbrugna...
EUVD-2025-0120
Malicious code in bioql PyPI...
EUVD-2025-12597
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2018-2585
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Connectors component of Oracle MySQL subcomponent: Connector/Net. Supported versions that are affected are 6.9.9 and prior and 6.10.4...
CVE-2025-46326
Snowflake Connector for .NET has a TOCTOU race in the Linux/macOS Easy Logging config file check. Versions 2.1.2 through before 4.4.1 are vulnerable: a local attacker with write access to the logging config file or its directory could overwrite configuration, gaining control over logging level an...
CVE-2025-46326 Snowflake Connector for .NET has race condition when checking access to Easy Logging configuration file
snowflake-connector-net is the Snowflake Connector for .NET. Versions starting from 2.1.2 to before 4.4.1, are vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition. When using the Easy Logging feature on Linux and macOS, the Connector reads logging configuration from a user-provided...
CVE-2025-24788 Snowflake Connector for .NET has weak temporary files permissions
snowflake-connector-net is the Snowflake Connector for .NET. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for .NET in which files downloaded from stages are temporarily placed in a world-readable local directory, making them accessible to unauthorized users on th...
Snowflake snowflake-connector-net 安全漏洞
Snowflake snowflake-connector-net is the Snowflake connector from Snowflake USA for . A security vulnerability exists in snowflake-connector-net versions prior to 4.3.0, which originates when files downloaded from the Stage are temporarily placed in a globally-readable local directory, allowing...
PT-2025-5569 · Snowflake · Snowflake-Connector-Net
Name of the Vulnerable Software and Affected Versions: snowflake-connector-net versions 2.0.12 through 4.2.0 Description: The issue arises when files downloaded from stages are temporarily placed in a world-readable local directory, making them accessible to unauthorized users on the same machine...
Snowflake Connector .NET does not properly check the Certificate Revocation List (CRL)
Issue Snowflake recently received a report about a vulnerability in the Snowflake Connector .NET where the checks against the Certificate Revocation List CRL were not performed where the insecureMode flag was set to false, which is the default setting. The vulnerability affects versions between...
snowflake-connector-net Trust Management Issues Vulnerability
Snowflake snowflake-connector-net is a Snowflake connector for . A trust management issue vulnerability exists in snowflake-connector-net versions 2.0.25 through 2.1.4 due to a failure to perform a check against the Certificate Revocation List CRL...
CVE-2023-34230
snowflake-connector-net, the Snowflake Connector for .NET, is vulnerable to command injection prior to version 2.0.18 via SSO URL authentication. In order to exploit the potential for command injection, an attacker would need to be successful in 1 establishing a malicious resource and 2 redirecti...
CVE-2023-34230
CVE-2023-34230 affects the Snowflake Connector for .NET (snowflake-connector-net) prior to version 2.0.18. The underlying issue is a command injection vulnerability via SSO URL authentication. An attacker would need to: (1) establish a malicious resource and (2) persuade a user to use a crafted c...
K42102650: MySQL vulnerability CVE-2017-10203
Security Advisory Description Vulnerability in the MySQL Connectors component of Oracle MySQL subcomponent: Connector/Net. Supported versions that are affected are 6.9.9 and earlier. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to...
SUSE CVE-2017-10203
Vulnerability in the MySQL Connectors component of Oracle MySQL subcomponent: Connector/Net. Supported versions that are affected are 6.9.9 and earlier. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors...
SUSE CVE-2017-10277
Vulnerability in the MySQL Connectors component of Oracle MySQL subcomponent: Connector/Net. Supported versions that are affected are 6.9.9 and earlier. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors...
CVE-2018-2585
Vulnerability in the MySQL Connectors component of Oracle MySQL subcomponent: Connector/Net. Supported versions that are affected are 6.9.9 and prior and 6.10.4 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MyS...
CVE-2018-2585
Vulnerability in the MySQL Connectors component of Oracle MySQL subcomponent: Connector/Net. Supported versions that are affected are 6.9.9 and prior and 6.10.4 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MyS...
UBUNTU-CVE-2018-2585
Vulnerability in the MySQL Connectors component of Oracle MySQL subcomponent: Connector/Net. Supported versions that are affected are 6.9.9 and prior and 6.10.4 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MyS...
CVE-2018-2585
Vulnerability in the MySQL Connectors component of Oracle MySQL subcomponent: Connector/Net. Supported versions that are affected are 6.9.9 and prior and 6.10.4 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MyS...