13 matches found

NVD
added 5 days ago | 10 views

CVE-2026-13750

Insertion of sensitive information into log files in Snowflake CLI versions prior to 3.19 allowed plaintext credentials to be written to persistent local debug logs. An attacker could exploit this by obtaining read access to the affected user's local log files, causing credentials such as...

CVSS 5.5 | EPSS 0.00108
Exploits: 0 | References: 1

EUVD
added 5 days ago | 5 views

EUVD-2026-40147

Improper handling of untrusted remote references in Snowflake CLI versions prior to 3.19 allowed server-side request forgery. The SQL statement reader's !source/!load directives could reference remote URLs that were retrieved at runtime without sufficient restriction on the request destination. B...

CVSS 4.1 | AI score 5.9 | EPSS 0.00118
Exploits: 0 | References: 1

EUVD
added 5 days ago | 5 views

EUVD-2026-40137

Insertion of sensitive information into log files in Snowflake CLI versions prior to 3.19 allowed plaintext credentials to be written to persistent local debug logs. An attacker could exploit this by obtaining read access to the affected user's local log files, causing credentials such as...

CVSS 5.5 | AI score 5.8 | EPSS 0.00108
Exploits: 0 | References: 1

EUVD
added 5 days ago | 6 views

EUVD-2026-40135

Improper neutralization in the Snowpark annotation processor callback template in Snowflake CLI versions prior to 3.19 allowed arbitrary code execution during application bundling or deployment. An attacker could exploit this by supplying crafted project content that is interpolated into generate...

CVSS 8.8 | AI score 6.5 | EPSS 0.0037
Exploits: 0 | References: 1

EUVD
added 5 days ago | 6 views

EUVD-2026-40129

Improper neutralization of attacker-controlled content in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. By supplying crafted repository content, project configuration, manifest data, or specification input, an attacker could cause Snowflake CLI to execute unintended SQL i...

CVSS 8.3 | AI score 5.9 | EPSS 0.0032
Exploits: 0 | References: 1

Positive Technologies
added 5 days ago | 8 views

PT-2026-53311

Name of the Vulnerable Software and Affected Versions: Snowflake CLI versions prior to 3.19
Description: Improper restriction of file path resolution allows arbitrary local file content to be read and transmitted to Snowflake services. An attacker can exploit this by providing crafted repository or...

CVSS 6.3 | AI score 6.1 | EPSS 0.00139
Exploits: 0 | References: 6

Positive Technologies
added 5 days ago | 7 views

PT-2026-53313

Name of the Vulnerable Software and Affected Versions: Snowflake CLI versions prior to 3.19
Description: Sensitive information is inserted into log files in plaintext. This occurs when credentials, such as passwords, tokens, or private key material, are written to persistent local debug logs. An...

CVSS 5.5 | AI score 6 | EPSS 0.00108
Exploits: 0 | References: 6

Cvelist
added 2026/06/15 12:0 a.m. | 28 views

CVE-2026-50869

An issue in the api/plugin.php component of Bludit v3.19.0 allows attackers to execute a directory traversal via supplying a crafted request...

EPSS 0.00718
Exploits: 0 | References: 1

Positive Technologies
added 2026/02/03 12:0 a.m. | 5 views

PT-2026-5776

Name of the Vulnerable Software and Affected Versions: Roland Cloud Manager versions 3.1.19 and prior
Description: The installer for Roland Cloud Manager insecurely loads Dynamic Link Libraries (DLLs). This could allow an attacker to execute arbitrary code with the privileges of the application...

CVSS 8.4 | AI score 6 | EPSS 0.00144
Exploits: 0 | References: 4

Tenable Nessus
added 2025/08/27 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2024-28580

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer Overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to execute arbitrary code via the ReadData function when reading...

CVSS 8.4 | AI score 6.1 | EPSS 0.00355
Exploits: 1 | References: 3

OSV
added 2024/11/04 11:15 a.m. | 4 views

CVE-2024-51661

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in David Lingren Media Library Assistant allows Command Injection. This issue affects Media Library Assistant: from n/a through 3.19...

CVSS 7.2 | AI score 5.8
Exploits: 0 | References: 1

CNNVD
added 2024/03/20 12:0 a.m. | 5 views

FreeImage Security Vulnerability

FreeImage is a cross-platform open source library for supporting popular graphic image formats. A security vulnerability exists in FreeImage version v.3.19.0, which stems from a buffer overflow vulnerability. A local attacker can exploit this vulnerability to cause a Denial of Service (DoS) via the...

CVSS 6.2 | AI score 7 | EPSS 0.00284
Exploits: 1 | References: 2

CNNVD
added 2023/12/29 12:0 a.m. | 5 views

Wrangler Code Issue Vulnerability

Cloudflare Wrangler is a repository from Cloudflare, Inc. A security vulnerability exists in Wrangler versions prior to 3.19.0, which stems from the fact that sending specially crafted HTTP requests may result in arbitrary HTTP and WebSocket requests being sent from the server, which could allow ...

CVSS 8.1 | AI score 6.5 | EPSS 0.00552
Exploits: 0 | References: 3