Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
charm charm vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-29180
A vulnerability in which attackers could forge HTTP requests to manipulate the `charm` data directory to access or delete anything on the server. This has been patched and is available in release [v0.12.1](https://github.com/charmbracelet/charm/releases/tag/v0.12.1). We recommend...
Charm Charm
5.5
CVSSv3
CVE-2022-33734
Sensitive information exposure in onCharacteristicChanged in Charm by Samsung prior to version 1.2.3 allows malicious user to get bluetooth connection information without permission.
Samsung Charm
3.3
CVSSv3
CVE-2022-33733
Sensitive information exposure in onCharacteristicRead in Charm by Samsung prior to version 1.2.3 allows malicious user to get bluetooth connection information without permission.
Samsung Charm
6.5
CVSSv3
CVE-2021-37587
In Charm 0.43, any single user can decrypt DAC-MACS or MA-ABE-YJ14 data.
Jhu Charm 0.43
5.9
CVSSv3
CVE-2021-37588
In Charm 0.43, any two users can collude to achieve the ability to decrypt YCT14 data.
Jhu Charm 0.43
7.5
CVSSv3
CVE-2023-43809
Soft Serve is a self-hostable Git server for the command line. Prior to version 0.6.2, a security vulnerability in Soft Serve could allow an unauthenticated, remote malicious user to bypass public key authentication when keyboard-interactive SSH authentication is active, through ...
Charm Soft Serve
5.5
CVSSv3
CVE-2022-36836
Unprotected provider vulnerability in Charm by Samsung prior to version 1.2.3 allows malicious users to read connection state without permission.
Samsung Charm Firmware
5.5
CVSSv3
CVE-2022-36829
PendingIntent hijacking vulnerability in releaseAlarm in Charm by Samsung prior to version 1.2.3 allows local malicious users to access files without permission via implicit intent.
Samsung Charm Firmware
5.5
CVSSv3
CVE-2022-36830
PendingIntent hijacking vulnerability in cancelAlarmManager in Charm by Samsung prior to version 1.2.3 allows local malicious users to access files without permission via implicit intent.
Samsung Charm Firmware
NA
CVE-2009-0763
Cross-site scripting (XSS) vulnerability in default.php in Kipper 2.01 allows remote malicious users to inject arbitrary web script or HTML via the charm parameter.
Bookelves Kipper 2.01
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »