The Snowflake datasource allows for GET/PUT commands, which can allow any user with access to run queries against the data source to read/write files between the local grafana server and the connected
When using the Grafana Snowflake Datasource Plugin,
if Oauth passthrough is enabled on the datasource, and multiple users are using the same datasource at the same time on a single Grafana instance, i
Vanna v0.6.3 is vulnerable to SQL injection via Snowflake database in its file staging operations using the `PUT` and `COPY` commands. This vulnerability allows unauthenticated remote users to read ar
libsnowflakeclient is the Snowflake Connector for C/C++. Versions starting from 0.5.0 to before 2.2.0, are vulnerable to local logging of sensitive information. When the logging level was set to DEBUG
Snowflake, a platform for using artificial intelligence in the context of cloud computing, has a vulnerability in the Snowflake JDBC driver ("Driver") in versions 3.0.13 through 3.23.0 of the driver.
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vul
Snowflake PHP PDO Driver is a driver that uses the PHP Data Objects (PDO) extension to connect to the Snowflake database. Snowflake discovered and remediated a vulnerability in the Snowflake PHP PDO D
The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. These queries are insufficiently sanitized before being passed to `duckdb`, lea
snowflake-connector-nodejs is a NodeJS driver for Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake NodeJS Driver. File permissions checks of the temporary credential cac
snowflake-connector-nodejs is a NodeJS driver for Snowflake. Versions starting from 1.10.0 to before 2.0.4, are vulnerable to a Time-of-Check to Time-of-Use (TOCTOU) race condition. When using the Eas
Snowflake JDBC driver versions >= 3.2.6 and <= 3.19.1 have an Incorrect Security Setting that can result in data being uploaded to an encrypted stage without the additional layer of protection provide
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vul
Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake JDBC
Grafana is an open-source platform for monitoring and observability. The Infinity datasource plugin, maintained by Grafana Labs, allows visualizing data from JSON, CSV, XML, GraphQL, and HTML endpoint
When using the Grafana Databricks Datasource Plugin,
if Oauth passthrough is enabled on the datasource, and multiple users are using the same datasource at the same time on a single Grafana instance,
Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake JDBC
Budibase is an open-source low-code platform. Prior to 3.38.3, removeSecrets at packages/server/src/sdk/workspace/datasources/datasources.ts masks only datasource config fields whose schema type is Da
Improper validation of bash commands in Snowflake Cortex Code CLI versions prior to 1.0.25 allowed subsequent commands to execute outside the sandbox. An attacker could exploit this by embedding speci
Budibase is an open-source low-code platform. Prior to 3.38.1, Budibase exposes a REST API for datasource management. The route PUT /api/datasources/:datasourceId is registered in the authorizedRoutes
snowflake-connector-net is the Snowflake Connector for .NET. Versions starting from 2.1.2 to before 4.4.1, are vulnerable to a Time-of-Check to Time-of-Use (TOCTOU) race condition. When using the Easy
Page 1+ Next →