Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sdk vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-5180
An issue exists in Open Design Alliance Drawings SDK prior to 2024.12. A corrupted value of number of sectors used by the Fat structure in a crafted DGN file leads to an out-of-bounds write. An attacker can leverage this vulnerability to execute code in the context of the current...
Opendesign Drawings Sdk
NA
CVE-2023-51651
AWS SDK for PHP is the Amazon Web Services software development kit for PHP. Within the scope of requests to S3 object keys and/or prefixes containing a Unix double-dot, a URI path traversal is possible. The issue exists in the `buildEndpoint` method in the RestSerializer compone...
Amazon Aws Software Development Kit
NA
CVE-2023-50249
Sentry-Javascript is official Sentry SDKs for JavaScript. A ReDoS (Regular expression Denial of Service) vulnerability has been identified in Sentry's Astro SDK 7.78.0-7.86.0. Under certain conditions, this vulnerability allows an malicious user to cause excessive computatio...
Sentry Astro
NA
CVE-2023-6562
JPX Fragment List (flst) box vulnerability in Kakadu 7.9 allows an malicious user to exfiltrate local and remote files reachable by a server if the server allows the malicious user to upload a specially-crafted the image that is displayed back to the attacker.
Kakadusoftware Kakadu Sdk
NA
CVE-2023-5310
A denial of service vulnerability exists in all Silicon Labs Z-Wave controller and endpoint devices running Z-Wave SDK v7.20.3 (Gecko SDK v4.3.3) and previous versions. This attack can be carried out only by devices on the network sending a stream of packets to the device.
Silabs Z-wave Software Development Kit
NA
CVE-2023-4489
The first S0 encryption key is generated with an uninitialized PRNG in Z/IP Gateway products running Silicon Labs Z/IP Gateway SDK v7.18.3 and previous versions. This makes the first S0 key generated at startup predictable, potentially allowing network key prediction and unautho...
Silabs Z\\/ip Gateway Sdk
NA
CVE-2023-41151
An uncaught exception issue discovered in Softing OPC UA C++ SDK prior to 6.30 for Windows operating system may cause the application to crash when the server wants to send an error packet, while socket is blocked on writing.
Softing Opc
Softing Opc Ua C\\+\\+ Software Development Kit
Softing Secure Integration Server
NA
CVE-2023-0757
Incorrect Permission Assignment for Critical Resource vulnerability in PHOENIX CONTACT MULTIPROG, PHOENIX CONTACT ProConOS eCLR (SDK) allows an unauthenticated remote malicious user to upload arbitrary malicious code and gain full access on the affected device.
Phoenixcontact Multiprog
Phoenixcontact Proconos Eclr
NA
CVE-2023-5592
Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT MULTIPROG, PHOENIX CONTACT ProConOS eCLR (SDK) allows an unauthenticated remote malicious user to download and execute applications without integrity checks on the device which may result in a complete loss...
Phoenixcontact Multiprog
Phoenixcontact Proconos Eclr
NA
CVE-2023-35625
Azure Machine Learning Compute Instance for SDK Users Information Disclosure Vulnerability
Microsoft Azure Machine Learning Software Development Kit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »