Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2024-0163

Malicious code in bioql PyPI...

5.5CVSS6.3AI score0.00203EPSS
Exploits0References4
Trend Micro Simply Security
Trend Micro Simply Security
added 2025/04/15 12:0 a.m.9 views

ZDI-23-1527 and ZDI-23-1528: The Potential Impact of Overly Permissive SAS Tokens on PC Manager Supply Chains

In ZDI-23-1527 and ZDI-23-1528 we uncover two possible scenarios where attackers could have compromised the Microsoft PC Manager supply chain...

7.3AI score
Exploits0
Github Security Blog
Github Security Blog
added 2024/10/24 10:42 p.m.43 views

The Snowflake Connector for Python stores sensitive data in logs

Issue Snowflake recently learned about and remediated a set of vulnerabilities in the Snowflake Connector for Python. Under specific conditions, certain users credentials or portions of those credentials were logged locally by the Connector to the users own systems. The credentials were not logge...

5.5CVSS7AI score0.00203EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2024/10/24 10:15 p.m.36 views

CVE-2024-49750

The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Prior to version 3.12.3, when the logging level was set by the user to DEBUG, the Connector could have logged Duo passcodes when specified...

5.5CVSS0.00203EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/10/24 10:3 p.m.22 views

CVE-2024-49750 Snowflake Connector for Python has sensitive data in logs

The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Prior to version 3.12.3, when the logging level was set by the user to DEBUG, the Connector could have logged Duo passcodes when specified...

5.5CVSS6.8AI score0.00203EPSS
Exploits0References2
Malwarebytes
Malwarebytes
added 2023/09/19 2:0 a.m.13 views

Microsoft AI researchers accidentally exposed terabytes of sensitive data

Warnings about including credentials, keys, and tokens when sharing code on publicly accessible repositories shouldnt be necessary. It should speak for itself that you dont just hand over the keys to your data. But what if a misconfiguration ends in a supposed internal storage account becoming...

6.8AI score
Exploits0
Rows per page
Query Builder