Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sdk vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2023-5179
An issue exists in Open Design Alliance Drawings SDK prior to 2024.10. A corrupted value for the start of MiniFat sector in a crafted DGN file leads to an out-of-bounds read. This can allow malicious users to cause a crash, potentially enabling a denial-of-service attack (Crash, ...
Opendesign Drawings Sdk
9.1
CVSSv3
CVE-2023-41095
Missing Encryption of Security Keys vulnerability in Silicon Labs OpenThread SDK on 32 bit, ARM (SecureVault High modules) allows potential modification or extraction of network credentials stored in flash. This issue affects Silicon Labs OpenThread SDK: 2.3.1 and previous versio...
Silabs Openthread Sdk
6.1
CVSSv3
CVE-2023-41096
Missing Encryption of Security Keys vulnerability in Silicon Labs Ember ZNet SDK on 32 bit, ARM (SecureVault High modules) allows potential modification or extraction of network credentials stored in flash. This issue affects Silicon Labs Ember ZNet SDK: 7.3.1 and previous versio...
Silabs Emberznet Sdk
5.5
CVSSv3
CVE-2023-45825
ydb-go-sdk is a pure Go native and database/sql driver for the YDB platform. Since ydb-go-sdk v3.48.6 if you use a custom credentials object (implementation of interface Credentials it may leak into logs. This happens because this object could be serialized into an error message ...
Ydb Ydb-go-sdk
6.3
CVSSv3
CVE-2023-22127
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Content Access SDK, Image Export SDK, PDF Export SDK, HTML Export SDK). The supported version that is affected is 8.5.6. Easily exploitable vulnerability allows low privileged attack...
Oracle Outside In Technology 8.5.6
8.8
CVSSv3
CVE-2023-36414
Azure Identity SDK Remote Code Execution Vulnerability
Microsoft Azure Identity Sdk
2 Github repositories
8.8
CVSSv3
CVE-2023-36415
Azure Identity SDK Remote Code Execution Vulnerability
Microsoft Azure Identity Sdk
6.5
CVSSv3
CVE-2023-36566
Microsoft Common Data Model SDK Denial of Service Vulnerability
Microsoft Common Data Model Sdk
7.5
CVSSv3
CVE-2023-42189
Insecure Permissions vulnerability in Connectivity Standards Alliance Matter Official SDK v.1.1.0.0 , Nanoleaf Light strip v.3.5.10, Govee LED Strip v.3.00.42, switchBot Hub2 v.1.0-0.8, Phillips hue hub v.1.59.1959097030, and yeelight smart lamp v.1.12.69 allows a remote maliciou...
Tapo Mini Smart Wi-fi Plug Firmware -
Nanoleaf Lightstrip Firmware 3.5.10
Govee Led Strip Firmware 3.00.42
Switchbot Hub2 Firmware 1.0-0.8
Phillips Hue Bridge Firmware 1.59.1959097030
Yeelight Smart Lamp Firmware 1.12.69
Tp-link Smart Plug Firmware -
Orein Smart Bulb Firmware -
Eve Eve Door And Window Firmware -
7.5
CVSSv3
CVE-2023-39410
When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Java applications using Apache Avro Java SDK up to and including 1.11.2. Users should upda...
Apache Avro
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »