8322 matches found

Cvelist
added 2025/03/13 7:01 p.m. | 14 views

CVE-2025-27496 Snowflake JDBC Driver client-side encryption key in DEBUG logs

Snowflake, a platform for using artificial intelligence in the context of cloud computing, has a vulnerability in the Snowflake JDBC driver "Driver" in versions 3.0.13 through 3.23.0 of the driver. When the logging level was set to DEBUG, the Driver would log locally the client-side encryption...

CVSS: 3.3 | EPSS: 0.00114
Exploits: 0 | References: 2

Snyk
added 2025/03/13 6:57 p.m. | 1 view

Insertion of Sensitive Information into Log File

Overview: Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File. When the logging level is set to DEBUG, the client-side encryption master key of the target stage is logged locally in a JSON object under the queryStageMasterKey key during the executio...

CVSS: 4.8 | AI score: 6.9 | EPSS: 0.00114
Exploits: 0 | References: 2

OSV
added 2025/03/13 6:57 p.m. | 0 views

GHSA-Q298-375F-5Q63 Snowflake JDBC Driver client-side encryption key in DEBUG logs

Issue: Snowflake discovered and remediated a vulnerability in the Snowflake JDBC driver “Driver”. When the logging level was set to DEBUG, the Driver would log locally the client-side encryption master key of the target stage during the execution of GET/PUT commands. This key by itself does not...

CVSS: 3.3 | AI score: 6.1 | EPSS: 0.00114
Exploits: 0 | References: 4

Github Security Blog
added 2025/03/13 6:57 p.m. | 16 views

Snowflake JDBC Driver client-side encryption key in DEBUG logs

Issue: Snowflake discovered and remediated a vulnerability in the Snowflake JDBC driver “Driver”. When the logging level was set to DEBUG, the Driver would log locally the client-side encryption master key of the target stage during the execution of GET/PUT commands. This key by itself does not...

CVSS: 3.3 | AI score: 6.9 | EPSS: 0.00114
Exploits: 0 | References: 4 | Affected Software: 1

CNNVD
added 2025/03/13 12:00 a.m. | 2 views

Snowflake JDBC Driver log information disclosure vulnerability

Snowflake JDBC Driver is an open source Snowflake JDBC driver from Snowflake Computing. A log information disclosure vulnerability exists in Snowflake JDBC Driver versions 3.0.13 through 3.23.0, which stems from the Driver locally logging the client-side encryption master key for the target phase...

CVSS: 3.3 | AI score: 7 | EPSS: 0.00114
Exploits: 0 | References: 4

NVD
added 2025/03/12 4:15 p.m. | 6 views

CVE-2025-2002

CWE-532: Insertion of Sensitive Information into Log Files vulnerability exists that could cause the disclosure of FTP server credentials when the FTP server is deployed, and the device is placed in debug mode by an administrative user and the debug files are exported from the device...

CVSS: 6 | EPSS: 0.00031
Exploits: 0 | References: 1

Cvelist
added 2025/03/12 3:25 p.m. | 21 views

CVE-2025-2002

CWE-532: Insertion of Sensitive Information into Log Files vulnerability exists that could cause the disclosure of FTP server credentials when the FTP server is deployed, and the device is placed in debug mode by an administrative user and the debug files are exported from the device...

CVSS: 6 | EPSS: 0.00031
Exploits: 0 | References: 1

Vulnrichment
added 2025/03/12 3:25 p.m. | 2 views

CVE-2025-2002

CWE-532: Insertion of Sensitive Information into Log Files vulnerability exists that could cause the disclosure of FTP server credentials when the FTP server is deployed, and the device is placed in debug mode by an administrative user and the debug files are exported from the device...

CVSS: 6 | AI score: 6.8 | EPSS: 0.00031
Exploits: 0 | References: 1

CVE
added 2025/03/12 3:25 p.m. | 49 views

CVE-2025-2002

CVE-2025-2002 affects Schneider Electric EcoStruxure Panel Server. The issue is a CWE-532-style insertion of sensitive information into log files that can lead to disclosure of FTP server credentials when the FTP server is deployed and an administrator places the device in debug mode, exporting d...

CVSS: 6 | AI score: 6.9 | EPSS: 0.00031
Exploits: 0 | References: 1

RedhatCVE
added 2025/03/12 10:46 a.m. | 10 views

CVE-2024-13919

The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of route parameters in the debug-mode error page...

CVSS: 8 | AI score: 6 | EPSS: 0.00346
Exploits: 1 | References: 1

RedhatCVE
added 2025/03/12 10:45 a.m. | 14 views

CVE-2024-13918

The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of request parameters in the debug-mode error page...

CVSS: 8 | AI score: 6 | EPSS: 0.01426
Exploits: 1 | References: 1

Cvelist
added 2025/03/12 9:42 a.m. | 21 views

CVE-2025-21865 gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl().

In the Linux kernel, the following vulnerability has been resolved: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl(). Brad Spengler reported the list_del() corruption splat in gtp_net_exit_batch_rtnl(). [0] Commit eb28fd76c0a0 ("gtp: Destroy device along with udp socket's netns dismantle.") added th...

EPSS: 0.00012
Exploits: 0 | References: 8

Veracode
added 2025/03/12 5:43 a.m. | 11 views

Reflected Cross-Site Scripting (Reflected XSS)

laravel/framework is vulnerable to Reflected Cross-Site Scripting (Reflected XSS). The vulnerability is due to improper encoding of route parameters in the debug-mode error page and allows an attacker to inject and execute malicious scripts in a victim’s browser by tricking them into visiting a...

CVSS: 8 | AI score: 6.2 | EPSS: 0.00346
Exploits: 1 | References: 8 | Affected Software: 1

BDU FSTEC
added 2025/03/12 12:00 a.m. | 1 view

A vulnerability in the Debug Mode of the Laravel PHP framework allows attackers to perform cross-site scripting attacks.

The vulnerability in the Debug Mode of the Laravel PHP framework is related to the lack of protective measures for the web page structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

CVSS: 8 | AI score: 5.2 | EPSS: 0.00346
Exploits: 1 | References: 5 | Affected Software: 1

CNNVD
added 2025/03/11 12:00 a.m. | 2 views

SAP Web Dispatcher and SAP Internet Communication Manager log information disclosure vulnerability

SAP Web Dispatcher and SAP Internet Communication Manager (SAP ICM) are both products of SAP, Germany. SAP Web Dispatcher is a core component of Load Balancing, which supports load balancing and provides reverse proxy functionality to enable external users to access internal applications. SAP...

CVSS: 4.9 | AI score: 6.1 | EPSS: 0.0011
Exploits: 0 | References: 5

Snyk
added 2025/03/10 10:41 p.m. | 4 views

Cross-site Scripting (XSS)

Overview: laravel/framework is a PHP framework for web artisans. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper encoding of request parameters in the debug-mode error page. When the application runs with APP_DEBUG=true and encounters an error, the...

CVSS: 8 | AI score: 5.5 | EPSS: 0.01426
Exploits: 1 | References: 2

OSV
added 2025/03/10 12:30 p.m. | 13 views

GHSA-83WP-F5C3-HQQR Laravel framework susceptible to reflected cross-site scripting

The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of route parameters in the debug-mode error page...

CVSS: 4.7 | AI score: 7.4 | EPSS: 0.00346
Exploits: 1 | References: 8

OSV
added 2025/03/10 12:30 p.m. | 12 views

GHSA-546H-56QP-8JMW Laravel framework susceptible to reflected cross-site scripting

The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of request parameters in the debug-mode error page...

CVSS: 4.7 | AI score: 7.4 | EPSS: 0.01426
Exploits: 1 | References: 8

Github Security Blog
added 2025/03/10 12:30 p.m. | 28 views

Laravel framework susceptible to reflected cross-site scripting

The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of request parameters in the debug-mode error page...

CVSS: 8 | AI score: 6.4 | EPSS: 0.01426
Exploits: 1 | References: 8 | Affected Software: 1

Snyk
added 2025/03/10 10:44 a.m. | 2 views

Cross-site Scripting (XSS)

Overview: laravel/framework is a PHP framework for web artisans. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper encoding of route parameters in the debug-mode error page. When the application is in debug mode (APP_DEBUG=true) and encounters an error, the...

CVSS: 8 | AI score: 5.5 | EPSS: 0.00346
Exploits: 1 | References: 2