Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sdk vulnerabilities and exploits
(subscribe to this query)
3.3
CVSSv3
CVE-2023-34117
Relative path traversal in the Zoom Client SDK before version 5.15.0 may allow an unauthorized user to enable information disclosure via local access.
Zoom Zoom Software Development Kit
6.8
CVSSv3
CVE-2023-0970
Multiple buffer overflow vulnerabilities in SiLabs Z/IP Gateway SDK version 7.18.01 and previous versions allow an attacker with invasive physical access to a Z-Wave controller device to overwrite global memory and potentially execute arbitrary code.
Silabs Z\\/ip Gateway Sdk
8.8
CVSSv3
CVE-2023-0971
A logic error in SiLabs Z/IP Gateway SDK 7.18.02 and previous versions allows authentication to be bypassed, remote administration of Z-Wave controllers, and S0/S2 encryption keys to be recovered.
Silabs Z\\/ip Gateway Sdk
8.8
CVSSv3
CVE-2023-0972
Description: A vulnerability in SiLabs Z/IP Gateway 7.18.01 and previous versions allows an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution.
Silabs Z\\/ip Gateway Sdk
3.5
CVSSv3
CVE-2023-0969
A vulnerability in SiLabs Z/IP Gateway 7.18.01 and previous versions allows an authenticated attacker within Z-Wave range to manipulate an array pointer to disclose the contents of global memory.
Silabs Z\\/ip Gateway Sdk
9.8
CVSSv3
CVE-2023-2686
Buffer overflow in Wi-Fi Commissioning MicriumOS example in Silicon Labs Gecko SDK v4.2.3 or earlier allows connected device to write payload onto the stack.
Silabs Gecko Software Development Kit
3.8
CVSSv3
CVE-2023-34115
Buffer copy without checking size of input in Zoom Meeting SDK prior to 5.13.0 may allow an authenticated user to potentially enable a denial of service via local access. This issue may result in the Zoom Meeting SDK to crash and need to be restarted.
Zoom Meeting Sdk
5.4
CVSSv3
CVE-2023-32751
Pydio Cells up to and including 4.1.2 allows XSS. Pydio Cells implements the download of files using presigned URLs which are generated using the Amazon AWS SDK for JavaScript [1]. The secrets used to sign these URLs are hardcoded and exposed through the JavaScript files of the w...
Pydio Cells
3.3
CVSSv3
CVE-2023-2687
Buffer overflow in Platform CLI component in Silicon Labs Gecko SDK v4.2.1 and previous versions allows user to overwrite limited structures on the heap.
Silabs Gecko Software Development Kit
6.5
CVSSv3
CVE-2023-32689
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Versions before 5.4.4 and 6.1.1 are vulnerable to a phishing attack vulnerability that involves a user uploading malicious files. A malicious user could upload an HTML file to ...
Parseplatform Parse-server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »