Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
charm charm vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-29180
A vulnerability in which attackers could forge HTTP requests to manipulate the `charm` data directory to access or delete anything on the server. This has been patched and is available in release [v0.12.1](https://github.com/charmbracelet/charm/releases/tag/v0.12.1). We recommend...
Charm Charm
3.3
CVSSv3
CVE-2022-33733
Sensitive information exposure in onCharacteristicRead in Charm by Samsung prior to version 1.2.3 allows malicious user to get bluetooth connection information without permission.
Samsung Charm
5.5
CVSSv3
CVE-2022-33734
Sensitive information exposure in onCharacteristicChanged in Charm by Samsung prior to version 1.2.3 allows malicious user to get bluetooth connection information without permission.
Samsung Charm
5.5
CVSSv3
CVE-2022-36829
PendingIntent hijacking vulnerability in releaseAlarm in Charm by Samsung prior to version 1.2.3 allows local malicious users to access files without permission via implicit intent.
Samsung Charm Firmware
5.5
CVSSv3
CVE-2022-36830
PendingIntent hijacking vulnerability in cancelAlarmManager in Charm by Samsung prior to version 1.2.3 allows local malicious users to access files without permission via implicit intent.
Samsung Charm Firmware
5.5
CVSSv3
CVE-2022-36836
Unprotected provider vulnerability in Charm by Samsung prior to version 1.2.3 allows malicious users to read connection state without permission.
Samsung Charm Firmware
6.5
CVSSv3
CVE-2021-37587
In Charm 0.43, any single user can decrypt DAC-MACS or MA-ABE-YJ14 data.
Jhu Charm 0.43
5.9
CVSSv3
CVE-2021-37588
In Charm 0.43, any two users can collude to achieve the ability to decrypt YCT14 data.
Jhu Charm 0.43
7.5
CVSSv3
CVE-2023-43809
Soft Serve is a self-hostable Git server for the command line. Prior to version 0.6.2, a security vulnerability in Soft Serve could allow an unauthenticated, remote malicious user to bypass public key authentication when keyboard-interactive SSH authentication is active, through ...
Charm Soft Serve
NA
CVE-2009-0763
Cross-site scripting (XSS) vulnerability in default.php in Kipper 2.01 allows remote malicious users to inject arbitrary web script or HTML via the charm parameter.
Bookelves Kipper 2.01
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »