Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sdk vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-0970
Multiple buffer overflow vulnerabilities in SiLabs Z/IP Gateway SDK version 7.18.01 and previous versions allow an attacker with invasive physical access to a Z-Wave controller device to overwrite global memory and potentially execute arbitrary code.
Silabs Z\\/ip Gateway Sdk
NA
CVE-2023-0971
A logic error in SiLabs Z/IP Gateway SDK 7.18.02 and previous versions allows authentication to be bypassed, remote administration of Z-Wave controllers, and S0/S2 encryption keys to be recovered.
Silabs Z\\/ip Gateway Sdk
NA
CVE-2023-0972
Description: A vulnerability in SiLabs Z/IP Gateway 7.18.01 and previous versions allows an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution.
Silabs Z\\/ip Gateway Sdk
NA
CVE-2023-2686
Buffer overflow in Wi-Fi Commissioning MicriumOS example in Silicon Labs Gecko SDK v4.2.3 or earlier allows connected device to write payload onto the stack.
Silabs Gecko Software Development Kit
NA
CVE-2023-34115
Buffer copy without checking size of input in Zoom Meeting SDK prior to 5.13.0 may allow an authenticated user to potentially enable a denial of service via local access. This issue may result in the Zoom Meeting SDK to crash and need to be restarted.
Zoom Meeting Sdk
NA
CVE-2023-32751
Pydio Cells up to and including 4.1.2 allows XSS. Pydio Cells implements the download of files using presigned URLs which are generated using the Amazon AWS SDK for JavaScript [1]. The secrets used to sign these URLs are hardcoded and exposed through the JavaScript files of the w...
Pydio Cells
NA
CVE-2023-2687
Buffer overflow in Platform CLI component in Silicon Labs Gecko SDK v4.2.1 and previous versions allows user to overwrite limited structures on the heap.
Silabs Gecko Software Development Kit
NA
CVE-2023-32689
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Versions before 5.4.4 and 6.1.1 are vulnerable to a phishing attack vulnerability that involves a user uploading malicious files. A malicious user could upload an HTML file to ...
Parseplatform Parse-server
NA
CVE-2023-31226
The SDK for the MediaPlaybackController module has improper permission verification. Successful exploitation of this vulnerability may affect confidentiality.
Huawei Emui 13.0.0
NA
CVE-2023-2481
Compiler removal of buffer clearing in sli_se_opaque_import_key in Silicon Labs Gecko Platform SDK v4.2.1 and previous versions results in key material duplication to RAM.
Silabs Gecko Software Development Kit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »