Lucene search
K

80 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-9350

Malware in sbrugna...

7.3CVSS7.5AI score0.01005EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2016-9351

Malware in sbrugna...

7.3CVSS7.5AI score0.01005EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-0241

Malicious code in bioql PyPI...

8.8CVSS7.5AI score0.01841EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/05/23 2:23 a.m.6 views

CVE-2023-34232

snowflake-connector-nodejs, a NodeJS driver for Snowflake, is vulnerable to command injection via single sign on SSO browser URL authentication in versions prior to 1.6.21. In order to exploit the potential for command injection, an attacker would need to be successful in 1 establishing a malicio...

8.8CVSS7.8AI score0.01897EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2023/08/02 12:55 p.m.37 views

Phishers Exploit Salesforce's Email Services Zero-Day in Targeted Facebook Campaign

A sophisticated Facebook phishing campaign has been observed exploiting a zero-day flaw in Salesforce's email services, allowing threat actors to craft targeted phishing messages using the company's domain and infrastructure. "Those phishing campaigns cleverly evade conventional detection methods...

6.9AI score
Exploits0
Github Security Blog
Github Security Blog
added 2023/06/09 10:53 p.m.32 views

Snowflake Golang Driver vulnerable to Command Injection

Issue Snowflake was informed via our bug bounty program of a command injection vulnerability in the Snowflake Golang driver via SSO browser URL authentication. Impacted driver package: gosnowflake Impacted version range: before Version 1.6.19 Attack Scenario In order to exploit the potential for...

8.8CVSS7.4AI score0.01962EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2023/06/09 10:53 p.m.45 views

Snowflake Python Connector vulnerable to Command Injection

Issue Snowflake was informed via our bug bounty program of a command injection vulnerability in the Snowflake Python connector via SSO browser URL authentication. Impacted driver package: snowflake-connector-python Impacted version range: before Version 3.0.2 Attack Scenario In order to exploit t...

8.8CVSS7.4AI score0.01841EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2023/06/09 10:40 p.m.19 views

GHSA-223G-8W3X-98WR Snowflake Connector .Net Command Injection

Issue Snowflake was informed via our bug bounty program of a command injection vulnerability in the Snowflake .NET driver via SSO URL authentication. Impacted driver package: snowflake-connector-net Impacted version range: before Version 2.0.18 Attack Scenario In order to exploit the potential fo...

7.3CVSS8.3AI score0.01431EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2023/06/09 10:40 p.m.21 views

Snowflake Connector .Net Command Injection

Issue Snowflake was informed via our bug bounty program of a command injection vulnerability in the Snowflake .NET driver via SSO URL authentication. Impacted driver package: snowflake-connector-net Impacted version range: before Version 2.0.18 Attack Scenario In order to exploit the potential fo...

8.8CVSS7.8AI score0.01431EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2023/06/08 9:15 p.m.30 views

CVE-2023-34230

snowflake-connector-net, the Snowflake Connector for .NET, is vulnerable to command injection prior to version 2.0.18 via SSO URL authentication. In order to exploit the potential for command injection, an attacker would need to be successful in 1 establishing a malicious resource and 2 redirecti...

8.8CVSS8AI score0.01431EPSS
Exploits0References1
NVD
NVD
added 2023/06/08 9:15 p.m.27 views

CVE-2023-34233

The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Versions prior to 3.0.2 are vulnerable to command injection via single sign-onSSO browser URL authentication. In order to exploit the...

8.8CVSS8AI score0.01841EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/06/08 8:29 p.m.16 views

CVE-2023-34230 Snowflake Connector vulnerable to Command Injection

snowflake-connector-net, the Snowflake Connector for .NET, is vulnerable to command injection prior to version 2.0.18 via SSO URL authentication. In order to exploit the potential for command injection, an attacker would need to be successful in 1 establishing a malicious resource and 2 redirecti...

7.3CVSS9.2AI score0.01431EPSS
Exploits0References1
CVE
CVE
added 2023/06/08 8:29 p.m.55 views

CVE-2023-34230

CVE-2023-34230 affects the Snowflake Connector for .NET (snowflake-connector-net) prior to version 2.0.18. The underlying issue is a command injection vulnerability via SSO URL authentication. An attacker would need to: (1) establish a malicious resource and (2) persuade a user to use a crafted c...

8.8CVSS8.3AI score0.01431EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/06/08 8:29 p.m.15 views

CVE-2023-34230 Snowflake Connector vulnerable to Command Injection

snowflake-connector-net, the Snowflake Connector for .NET, is vulnerable to command injection prior to version 2.0.18 via SSO URL authentication. In order to exploit the potential for command injection, an attacker would need to be successful in 1 establishing a malicious resource and 2 redirecti...

7.3CVSS8.9AI score0.01431EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/06/08 8:22 p.m.23 views

CVE-2023-34233 Snowflake Python Connector vulnerable to Command Injection

The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Versions prior to 3.0.2 are vulnerable to command injection via single sign-onSSO browser URL authentication. In order to exploit the...

7.3CVSS9.2AI score0.01841EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/06/08 8:17 p.m.15 views

CVE-2023-34232 Snowflake NodeJS Driver vulnerable to Command Injection

snowflake-connector-nodejs, a NodeJS driver for Snowflake, is vulnerable to command injection via single sign on SSO browser URL authentication in versions prior to 1.6.21. In order to exploit the potential for command injection, an attacker would need to be successful in 1 establishing a malicio...

7.3CVSS9.3AI score0.01897EPSS
Exploits0References4
NVD
NVD
added 2023/06/08 8:15 p.m.22 views

CVE-2023-34231

gosnowflake is th Snowflake Golang driver. Prior to version 1.6.19, a command injection vulnerability exists in the Snowflake Golang driver via single sign-on SSO browser URL authentication. In order to exploit the potential for command injection, an attacker would need to be successful in 1...

8.8CVSS8.2AI score0.01962EPSS
Exploits0References3
Prion
Prion
added 2023/06/08 8:15 p.m.13 views

Command injection

gosnowflake is th Snowflake Golang driver. Prior to version 1.6.19, a command injection vulnerability exists in the Snowflake Golang driver via single sign-on SSO browser URL authentication. In order to exploit the potential for command injection, an attacker would need to be successful in 1...

4.9CVSS8.9AI score0.01962EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/06/08 7:42 p.m.28 views

CVE-2023-34231 Snowflake Golang Driver vulnerable to Command Injection

gosnowflake is th Snowflake Golang driver. Prior to version 1.6.19, a command injection vulnerability exists in the Snowflake Golang driver via single sign-on SSO browser URL authentication. In order to exploit the potential for command injection, an attacker would need to be successful in 1...

7.3CVSS9.1AI score0.01962EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/06/08 12:0 a.m.6 views

PT-2023-24756

Name of the Vulnerable Software and Affected Versions snowflake-connector-net versions prior to 2.0.18 Description The issue is related to command injection via SSO URL authentication. An attacker would need to establish a malicious resource and redirect users to utilize it. The attacker could se...

8.8CVSS9.2AI score0.01431EPSS
Exploits0References7
Rows per page
Query Builder