13 matches found
CVE-2023-23932
OpenDDS is an open source C++ implementation of the Object Management Group OMG Data Distribution Service DDS. OpenDDS applications that are exposed to untrusted RTPS network traffic may crash when parsing badly-formed input. This issue has been patched in version 3.23.1...
CVE-2023-38510
Tolgee is an open-source localization platform. Starting in version 3.14.0 and prior to version 3.23.1, when a request is made using an API key, the backend fails to verify the permission scopes associated with the key, effectively bypassing permission checks entirely for some endpoints. It's...
CVE-2022-44633
Missing Authorization vulnerability in YITH YITH WooCommerce Gift Cards Premium.This issue affects YITH WooCommerce Gift Cards Premium: from n/a through 3.23.1...
CVE-2025-27496
Snowflake, a platform for using artificial intelligence in the context of cloud computing, has a vulnerability in the Snowflake JDBC driver "Driver" in versions 3.0.13 through 3.23.0 of the driver. When the logging level was set to DEBUG, the Driver would log locally the client-side encryption...
CVE-2025-27496 Snowflake JDBC Driver client-side encryption key in DEBUG logs
Snowflake, a platform for using artificial intelligence in the context of cloud computing, has a vulnerability in the Snowflake JDBC driver "Driver" in versions 3.0.13 through 3.23.0 of the driver. When the logging level was set to DEBUG, the Driver would log locally the client-side encryption...
CVE-2025-27496 Snowflake JDBC Driver client-side encryption key in DEBUG logs
Snowflake, a platform for using artificial intelligence in the context of cloud computing, has a vulnerability in the Snowflake JDBC driver "Driver" in versions 3.0.13 through 3.23.0 of the driver. When the logging level was set to DEBUG, the Driver would log locally the client-side encryption...
CVE-2025-27496
Summary: CVE-2025-27496 affects Snowflake JDBC Driver versions 3.0.13–3.23.0. When logging level is DEBUG, the driver locally logs the client-side encryption master key of the target stage during GET/PUT, exposing a sensitive key through logs. The issue is not logged server-side and does not by i...
GHSA-Q298-375F-5Q63 Snowflake JDBC Driver client-side encryption key in DEBUG logs
Issue Snowflake discovered and remediated a vulnerability in the Snowflake JDBC driver “Driver”. When the logging level was set to DEBUG, the Driver would log locally the client-side encryption master key of the target stage during the execution of GET/PUT commands. This key by itself does not...
Snowflake JDBC Driver client-side encryption key in DEBUG logs
Issue Snowflake discovered and remediated a vulnerability in the Snowflake JDBC driver “Driver”. When the logging level was set to DEBUG, the Driver would log locally the client-side encryption master key of the target stage during the execution of GET/PUT commands. This key by itself does not...
Code injection
Tolgee is an open-source localization platform. Starting in version 3.14.0 and prior to version 3.23.1, when a request is made using an API key, the backend fails to verify the permission scopes associated with the key, effectively bypassing permission checks entirely for some endpoints. It's...
Input validation
OpenDDS is an open source C++ implementation of the Object Management Group OMG Data Distribution Service DDS. OpenDDS applications that are exposed to untrusted RTPS network traffic may crash when parsing badly-formed input. This issue has been patched in version 3.23.1...
CVE-2023-23932 Specially crafted RTPS message may cause an OpenDDS application to crash
OpenDDS is an open source C++ implementation of the Object Management Group OMG Data Distribution Service DDS. OpenDDS applications that are exposed to untrusted RTPS network traffic may crash when parsing badly-formed input. This issue has been patched in version 3.23.1...
Object Computing OpenDDS 安全漏洞
Object Computing OpenDDS is an open source middleware framework for C++ and Java applications from Object Computing, USA. A security vulnerability exists in OpenDDS prior to version 3.23.1. OpenDDS applications exposed to untrusted RTPS network traffic could crash when parsing incorrectly formatt...