Lucene search
+L

590 matches found

OSV
OSV
added 2022/11/09 12:0 a.m.4 views

CVE-2022-42965 Exponential ReDoS in snowflake-connector-python leads to denial of service

An exponential ReDoS Regular Expression Denial of Service can be triggered in the snowflake-connector-python PyPI package, when an attacker is able to supply arbitrary input to the undocumented getfiletransfertype method...

3.7CVSS7.2AI score0.00816EPSS
Exploits1References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:12 p.m.2 views

Malicious code in snowflake-adapter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8e15140a694c9304d2ab29ca8a9ecac46015c9e9df1c8b008570aad1162e4d04 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/06/20 8:12 p.m.3 views

MAL-2022-6193 Malicious code in snowflake-adapter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8e15140a694c9304d2ab29ca8a9ecac46015c9e9df1c8b008570aad1162e4d04 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
CNVD
CNVD
added 2021/03/16 12:0 a.m.5 views

SQL Injection Vulnerability in Snowflake Cloud IDC Hosting Sales System

Snowflake Cloud IDC Hosting Sales System is an IDC hosting system by Snowflake Cloud. Snowflake Cloud IDC Hosting Sales System suffers from an SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive database information...

7.8AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/11/01 12:56 p.m.5 views

snowflakechalets.fr Cross Site Scripting vulnerability OBB-1473623

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Exploits0
Hacker One
Hacker One
added 2020/05/29 7:23 a.m.28 views

X (Formerly Twitter): Private list members disclosure via GraphQL

Summary: Due to improper queries of GraphQL, the attacker can steal members of the private list. Description: Twitter implements a unique GraphQL endpoint, which can use only the queries that Twitter specified. However, there is a flaw in the backend...

6.6AI score
Exploits0
Packet Storm
Packet Storm
added 2014/12/13 12:0 a.m.36 views

Humhub Insecure Password Validation / Reset

Humhub insecure password validation and reset design + Discovered by: Jos Wetzels + Affects: Humhub password == $this-hashPassword$password Here a hash of the user-supplied password gets compared to the stored hash in an insecure manner, since PHP's loose type comparison operators compare only...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2010/07/20 12:0 a.m.20 views

SnowFlake CMS 1.0 Beta5.2 SQL Injection

Exploit Title: Powered by SnowFlake Content Management System SQL Injection Date: 19th july 2010 Author: Dinesh Arora Critical:high Affected / Tested Version : 1.0 beta5.2 Sample Affected Parameter: uid contact: [email protected] Greetz to :b0nd, Fbih2s,Beenu,Charles ,j4ckh4x0r, punter,eberl...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2010/07/19 12:0 a.m.10 views

SnowFlake CMS 0.9.5 Beta - uid SQL Injection

SnowFlake CMS 0.9.5 Beta - uid SQL Injection source: https://www.securityfocus.com/bid/41791/info SnowFlake CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2010/07/19 12:0 a.m.30 views

SnowFlake CMS 0.9.5 Beta - 'uid' SQL Injection

source: https://www.securityfocus.com/bid/41791/info SnowFlake CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...

7.4AI score
Exploits0
Rows per page
Query Builder