Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sdk vulnerabilities and exploits
(subscribe to this query)
6.3
CVSSv3
CVE-2024-20930
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Content Access SDK, Image Export SDK, PDF Export SDK, HTML Export SDK). The supported version that is affected is 8.5.6. Easily exploitable vulnerability allows low privileged attack...
Oracle Outside In Technology 8.5.6
9.8
CVSSv3
CVE-2023-4280
An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and previous versions of the Gecko SDK allows an malicious user to access the trusted region of memory from the untrusted region.
Silabs Gecko Software Development Kit
8
CVSSv3
CVE-2023-7080
The V8 inspector intentionally allows arbitrary code execution within the Workers sandbox for debugging. wrangler dev would previously start an inspector server listening on all network interfaces. This would allow an attacker on the local network to connect to the inspector and ...
Cloudflare Wrangler
7.8
CVSSv3
CVE-2023-5180
An issue exists in Open Design Alliance Drawings SDK prior to 2024.12. A corrupted value of number of sectors used by the Fat structure in a crafted DGN file leads to an out-of-bounds write. An attacker can leverage this vulnerability to execute code in the context of the current...
Opendesign Drawings Sdk
3.3
CVSSv3
CVE-2023-51651
AWS SDK for PHP is the Amazon Web Services software development kit for PHP. Within the scope of requests to S3 object keys and/or prefixes containing a Unix double-dot, a URI path traversal is possible. The issue exists in the `buildEndpoint` method in the RestSerializer compone...
Amazon Aws Software Development Kit
7.5
CVSSv3
CVE-2023-50249
Sentry-Javascript is official Sentry SDKs for JavaScript. A ReDoS (Regular expression Denial of Service) vulnerability has been identified in Sentry's Astro SDK 7.78.0-7.86.0. Under certain conditions, this vulnerability allows an malicious user to cause excessive computatio...
Sentry Astro
7.5
CVSSv3
CVE-2023-6562
JPX Fragment List (flst) box vulnerability in Kakadu 7.9 allows an malicious user to exfiltrate local and remote files reachable by a server if the server allows the malicious user to upload a specially-crafted the image that is displayed back to the attacker.
Kakadusoftware Kakadu Sdk
6.5
CVSSv3
CVE-2023-5310
A denial of service vulnerability exists in all Silicon Labs Z-Wave controller and endpoint devices running Z-Wave SDK v7.20.3 (Gecko SDK v4.3.3) and previous versions. This attack can be carried out only by devices on the network sending a stream of packets to the device.
Silabs Z-wave Software Development Kit
9.8
CVSSv3
CVE-2023-4489
The first S0 encryption key is generated with an uninitialized PRNG in Z/IP Gateway products running Silicon Labs Z/IP Gateway SDK v7.18.3 and previous versions. This makes the first S0 key generated at startup predictable, potentially allowing network key prediction and unautho...
Silabs Z\\/ip Gateway Sdk
7.5
CVSSv3
CVE-2023-41151
An uncaught exception issue discovered in Softing OPC UA C++ SDK prior to 6.30 for Windows operating system may cause the application to crash when the server wants to send an error packet, while socket is blocked on writing.
Softing Opc
Softing Opc Ua C\\+\\+ Software Development Kit
Softing Secure Integration Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »