![]() ![]() All users should immediately upgrade the Snowflake JDBC driver to the latest version: 3.13.29. The vulnerability was patched on Maas part of Snowflake JDBC driver Version 3.13.29. If the attacker then tricked a user into visiting the maliciously crafted connection URL, the user’s local machine would render the malicious payload, leading to a remote code execution. An attacker could set up a malicious, publicly accessible server which responds to the SSO URL with an attack payload. Users of the Snowflake JDBC driver were vulnerable to a command injection vulnerability. Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. TiKV 6.1.2 allows remote attackers to cause a denial of service (fatal error) upon an attempt to get a timestamp from the Placement Driver. If a non-administrative user modifies the driver installation package and runs it on the target PC, an arbitrary program may be executed with the administrative privilege. The driver installation package created by Printer Driver Packager NX v1.0.02 to v1.1.25 fails to detect its modification and may spawn an unexpected process with the administrative privilege. The vulnerability is reachable if CONFIG_IPVLAN is enabled. A jdbc attack vulnerability exists in OpenRefine(versioncb initialization in the ipvlan network driver. OpenRefine is a free, open source power tool for working with messy data and improving it. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue. ![]() ![]() This can result in integrity overflow issue, possibly leading to bluetooth connection abnormality or denial of service.Ī race condition was found in the Linux kernel's scsi device driver in lpfc_unregister_fcf_rescan() function. ![]() This can result in return value overflow issue, possibly leading to malfunction or denial of service issue.Ī race condition was found in the Linux kernel's bluetooth device driver in _age_set() function. A memory leak flaw was found in the UBI driver in drivers/mtd/ubi/attach.c in the Linux kernel through 6.7.4 for UBI_IOCATT, because kobj->name is not released.Ī race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |