Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sdk vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-5592
Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT MULTIPROG, PHOENIX CONTACT ProConOS eCLR (SDK) allows an unauthenticated remote malicious user to download and execute applications without integrity checks on the device which may result in a complete loss...
Phoenixcontact Multiprog
Phoenixcontact Proconos Eclr
NA
CVE-2023-0757
Incorrect Permission Assignment for Critical Resource vulnerability in PHOENIX CONTACT MULTIPROG, PHOENIX CONTACT ProConOS eCLR (SDK) allows an unauthenticated remote malicious user to upload arbitrary malicious code and gain full access on the affected device.
Phoenixcontact Multiprog
Phoenixcontact Proconos Eclr
NA
CVE-2023-35625
Azure Machine Learning Compute Instance for SDK Users Information Disclosure Vulnerability
Microsoft Azure Machine Learning Software Development Kit
NA
CVE-2023-6542
Due to lack of proper authorization checks in Emarsys SDK for Android, an attacker can call a particular activity and can forward himself web pages and/or deep links without any validation directly from the host application. On successful attack, an attacker could navigate to arb...
Sap Emarsys Sdk 3.6.2
NA
CVE-2023-49282
msgraph-sdk-php is the Microsoft Graph Library for PHP. The Microsoft Graph PHP SDK published packages which contained test code that enabled the use of the phpInfo() function from any application that could access and execute the file at vendor/microsoft/microsoft-graph/tests/Ge...
Microsoft Graph
NA
CVE-2023-49283
microsoft-graph-core the Microsoft Graph Library for PHP. The Microsoft Graph Beta PHP SDK published packages which contained test code that enabled the use of the phpInfo() function from any application that could access and execute the file at `vendor/microsoft/microsoft-graph-...
Microsoft Graph
NA
CVE-2023-42572
Implicit intent hijacking vulnerability in Samsung Account Web SDK prior to version 1.5.24 allows malicious user to get sensitive information.
Samsung Account Web Software Development Kit
NA
CVE-2023-46729
sentry-javascript provides Sentry SDKs for JavaScript. An unsanitized input of Next.js SDK tunnel endpoint allows sending HTTP requests to arbitrary URLs and reflecting the response back to the user. This issue only affects users who have Next.js SDK tunneling feature enabled. Th...
Sentry Sentry Software Development Kit
1 Github repository
NA
CVE-2023-39913
Deserialization of Untrusted Data, Improper Input Validation vulnerability in Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK.This issue affects Apache UIMA Java SDK: prior to 3.5.0. Users are recommended to upgrade to version 3.5.0, which f...
Apache Uimaj
NA
CVE-2023-5179
An issue exists in Open Design Alliance Drawings SDK prior to 2024.10. A corrupted value for the start of MiniFat sector in a crafted DGN file leads to an out-of-bounds read. This can allow malicious users to cause a crash, potentially enabling a denial-of-service attack (Crash, ...
Opendesign Drawings Sdk
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »