4.4
CVE-2025-24795 - The Snowflake Connector for Python uses insecure cache files permissions
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. On Linux systems, when temporary credential cachiโฆ
6.7
CVE-2025-24794 - The Snowflake Connector for Python uses insecure deserialization of the OCSP response cache
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. The OCSP response cache uses pickle as the serialโฆ
7
CVE-2025-24793 - Snowflake Connector for Python has an SQL Injection in write_pandas
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. A function from the snowflake.connector.pandas_toโฆ
5
CVE-2025-24788 - Snowflake Connector for .NET has weak temporary files permissions
snowflake-connector-net is the Snowflake Connector for .NET. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for .NET in which files downloaded from stages are temporarily placed in a world-readable local directory, making them accessible to unauthorized users on the โฆ
5.1
CVE-2025-24884 - kube-audit-rest's example logging configuration could disclose secret values in the audit log
kube-audit-rest is a simple logger of mutation/creation requests to the k8s api. If the "full-elastic-stack" example vector configuration was used for a real cluster, the previous values of kubernetes secrets would have been disclosed in the audit messages. This vulnerability is fixed in 1.0.16.
6.3
CVE-2025-0840 - GNU Binutils objdump.c disassemble_bytes stack-based overflow
A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemble_bytes of the file binutils/objdump.c. The manipulation of the argument buf leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The compโฆ
9.3
CVE-2025-20061 - mySCADA myPRO Manager OS Command Injection
mySCADA myPRO does not properly neutralize POST requests sent to a specific port with email information. This vulnerability could be exploited by an attacker to execute arbitrary commands on the affected system.
9.3
CVE-2025-20014 - mySCADA myPRO Manager OS Command Injection
mySCADA myPRO does not properly neutralize POST requests sent to a specific port with version information. This vulnerability could be exploited by an attacker to execute arbitrary commands on the affected system.
6.9
CVE-2024-48852 - Information disclosures
Insertion of Sensitive Information into Log File vulnerability observed in FLEXON. Some information may be improperly disclosed through https access. This issue affects FLXEON through <= 9.3.4.
7.1
CVE-2024-10001 - Code Injection Vulnerability in GitHub Enterprise Server Allows Arbitrary Code Execution via Messagโฆ
A Code Injection vulnerability was identified in GitHub Enterprise Server that allowed attackers to inject malicious code into the query selector via the identity property in the message handling function. Thisย enabled the exfiltration of sensitive data by manipulating the DOM, including authenticaโฆ