EUVD-2025-0120

Malicious code in bioql PyPI...

EUVD-2025-12597

Malicious code in bioql PyPI...

CVE-2025-46326

Snowflake Connector for .NET has a TOCTOU race in the Linux/macOS Easy Logging config file check. Versions 2.1.2 through before 4.4.1 are vulnerable: a local attacker with write access to the logging config file or its directory could overwrite configuration, gaining control over logging level an...

CVE-2025-46326 Snowflake Connector for .NET has race condition when checking access to Easy Logging configuration file

snowflake-connector-net is the Snowflake Connector for .NET. Versions starting from 2.1.2 to before 4.4.1, are vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition. When using the Easy Logging feature on Linux and macOS, the Connector reads logging configuration from a user-provided...

CVE-2025-24788 Snowflake Connector for .NET has weak temporary files permissions

snowflake-connector-net is the Snowflake Connector for .NET. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for .NET in which files downloaded from stages are temporarily placed in a world-readable local directory, making them accessible to unauthorized users on th...

Snowflake snowflake-connector-net 安全漏洞

Snowflake snowflake-connector-net is the Snowflake connector from Snowflake USA for . A security vulnerability exists in snowflake-connector-net versions prior to 4.3.0, which originates when files downloaded from the Stage are temporarily placed in a globally-readable local directory, allowing...

PT-2025-5569 · Snowflake · Snowflake-Connector-Net

Name of the Vulnerable Software and Affected Versions: snowflake-connector-net versions 2.0.12 through 4.2.0 Description: The issue arises when files downloaded from stages are temporarily placed in a world-readable local directory, making them accessible to unauthorized users on the same machine...

snowflake-connector-net Trust Management Issues Vulnerability

Snowflake snowflake-connector-net is a Snowflake connector for . A trust management issue vulnerability exists in snowflake-connector-net versions 2.0.25 through 2.1.4 due to a failure to perform a check against the Certificate Revocation List CRL...

CVE-2023-34230

snowflake-connector-net, the Snowflake Connector for .NET, is vulnerable to command injection prior to version 2.0.18 via SSO URL authentication. In order to exploit the potential for command injection, an attacker would need to be successful in 1 establishing a malicious resource and 2 redirecti...

CVE-2023-34230

CVE-2023-34230 affects the Snowflake Connector for .NET (snowflake-connector-net) prior to version 2.0.18. The underlying issue is a command injection vulnerability via SSO URL authentication. An attacker would need to: (1) establish a malicious resource and (2) persuade a user to use a crafted c...