EUVD-2022-29638

Malicious code in bioql PyPI...

Sensitive Information Exposure

org.apache.iotdb, iotdb-jdbc is vulnerable to Sensitive Information Exposure. The vulnerability is due to improper sanitization and logging of sensitive information in the Apache IoTDB JDBC driver. Specifically, sensitive data such as credentials or query contents may be inadvertently written to...

CVE-2024-55551

An issue was discovered in Exasol JDBC driver before 24.2.1 2024-12-10. Attackers can inject malicious parameters into the JDBC URL, triggering JNDI injection during the process when the JDBC Driver uses this URL to connect to the database. This can further lead to remote code execution...

CVE-2025-27496 Snowflake JDBC Driver client-side encryption key in DEBUG logs

Snowflake, a platform for using artificial intelligence in the context of cloud computing, has a vulnerability in the Snowflake JDBC driver "Driver" in versions 3.0.13 through 3.23.0 of the driver. When the logging level was set to DEBUG, the Driver would log locally the client-side encryption...

CVE-2025-24789 Snowflake JDBC allows an untrusted search path on Windows

Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake JDBC Driver. When the EXTERNALBROWSER authentication method is used on Windows, an attacker with write...