Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sdk vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2024-24591
A path traversal vulnerability in versions 1.4.0 to 1.14.1 of the client SDK of Allegro AI’s ClearML platform enables a maliciously uploaded dataset to write local or remote files to an arbitrary location on an end user’s system when interacted with.
Clear Clearml
8.8
CVSSv3
CVE-2023-39913
Deserialization of Untrusted Data, Improper Input Validation vulnerability in Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK.This issue affects Apache UIMA Java SDK: prior to 3.5.0. Users are recommended to upgrade to version 3.5.0, which f...
Apache Uimaj
8.8
CVSSv3
CVE-2023-36414
Azure Identity SDK Remote Code Execution Vulnerability
Microsoft Azure Identity Sdk
2 Github repositories
8.8
CVSSv3
CVE-2023-36415
Azure Identity SDK Remote Code Execution Vulnerability
Microsoft Azure Identity Sdk
8.8
CVSSv3
CVE-2023-0971
A logic error in SiLabs Z/IP Gateway SDK 7.18.02 and previous versions allows authentication to be bypassed, remote administration of Z-Wave controllers, and S0/S2 encryption keys to be recovered.
Silabs Z\\/ip Gateway Sdk
8.8
CVSSv3
CVE-2023-0972
Description: A vulnerability in SiLabs Z/IP Gateway 7.18.01 and previous versions allows an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution.
Silabs Z\\/ip Gateway Sdk
8.8
CVSSv3
CVE-2023-25617
SAP Business Object (Adaptive Job Server) - versions 420, 430, allows remote execution of arbitrary commands on Unix, when program objects execution is enabled, to authenticated users with scheduling rights, using the BI Launchpad, Central Management Console or a custom applicati...
Sap Business Objects Business Intelligence Platform 430
Sap Business Objects Business Intelligence Platform 420
1 Article
8.8
CVSSv3
CVE-2022-30904
In Bestechnic Bluetooth Mesh SDK (BES2300) V1.0, a buffer overflow vulnerability can be triggered during provisioning, because there is no check for the SegN field of the Transaction Start PDU.
Bestechnic Bluetooth Mesh Software Development Kit 1.0
8.8
CVSSv3
CVE-2022-31363
Cypress : https://www.infineon.com/ Cypress Bluetooth Mesh SDK BSA0107_05.01.00-BX8-AMESH-08 is affected by: Buffer Overflow. The impact is: execute arbitrary code (remote). The component is: affected function is pb_transport_handle_frag_. ¶¶ In Cypress Bluetooth Mesh S...
Infineon Cypress Bluetooth Mesh Software Development Kit Bsa0107 05.01.00-bx8-amesh-08
8.8
CVSSv3
CVE-2022-31364
Cypress : https://www.infineon.com/ Cypress Bluetooth Mesh SDK BSA0107_05.01.00-BX8-AMESH-08 is affected by: Buffer Overflow. The impact is: execute arbitrary code (remote). The component is: affected function is lower_transport_layer_on_seg. ¶¶ In Cypress Bluetooth Mes...
Infineon Cypress Bluetooth Mesh Software Development Kit Bsa0107 05.01.00-bx8-amesh-08
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »