Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sdk vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-23680
AWS Encryption SDK for Java versions 2.0.0 to 2.2.0 and less than 1.9.0 incorrectly validates some invalid ECDSA signatures.
Amazon Aws Encryption Sdk
NA
CVE-2024-20930
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Content Access SDK, Image Export SDK, PDF Export SDK, HTML Export SDK). The supported version that is affected is 8.5.6. Easily exploitable vulnerability allows low privileged attack...
Oracle Outside In Technology 8.5.6
NA
CVE-2023-4280
An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and previous versions of the Gecko SDK allows an malicious user to access the trusted region of memory from the untrusted region.
Silabs Gecko Software Development Kit
NA
CVE-2023-7080
The V8 inspector intentionally allows arbitrary code execution within the Workers sandbox for debugging. wrangler dev would previously start an inspector server listening on all network interfaces. This would allow an attacker on the local network to connect to the inspector and ...
Cloudflare Wrangler
NA
CVE-2023-5180
An issue exists in Open Design Alliance Drawings SDK prior to 2024.12. A corrupted value of number of sectors used by the Fat structure in a crafted DGN file leads to an out-of-bounds write. An attacker can leverage this vulnerability to execute code in the context of the current...
Opendesign Drawings Sdk
NA
CVE-2023-51651
AWS SDK for PHP is the Amazon Web Services software development kit for PHP. Within the scope of requests to S3 object keys and/or prefixes containing a Unix double-dot, a URI path traversal is possible. The issue exists in the `buildEndpoint` method in the RestSerializer compone...
Amazon Aws Software Development Kit
NA
CVE-2023-50249
Sentry-Javascript is official Sentry SDKs for JavaScript. A ReDoS (Regular expression Denial of Service) vulnerability has been identified in Sentry's Astro SDK 7.78.0-7.86.0. Under certain conditions, this vulnerability allows an malicious user to cause excessive computatio...
Sentry Astro
NA
CVE-2023-6562
JPX Fragment List (flst) box vulnerability in Kakadu 7.9 allows an malicious user to exfiltrate local and remote files reachable by a server if the server allows the malicious user to upload a specially-crafted the image that is displayed back to the attacker.
Kakadusoftware Kakadu Sdk
NA
CVE-2023-5310
A denial of service vulnerability exists in all Silicon Labs Z-Wave controller and endpoint devices running Z-Wave SDK v7.20.3 (Gecko SDK v4.3.3) and previous versions. This attack can be carried out only by devices on the network sending a stream of packets to the device.
Silabs Z-wave Software Development Kit
NA
CVE-2023-4489
The first S0 encryption key is generated with an uninitialized PRNG in Z/IP Gateway products running Silicon Labs Z/IP Gateway SDK v7.18.3 and previous versions. This makes the first S0 key generated at startup predictable, potentially allowing network key prediction and unautho...
Silabs Z\\/ip Gateway Sdk
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »