Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sdk vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2022-28605
Hardcoded admin token in SoundBar apps in Linkplay SDK 1.00 allows remote malicious users to gain admin privilege access in linkplay antifactory
Linkplay Sound Bar 1.0
10
CVSSv2
CVE-2021-35393
Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols. The binary is usually named wscd or mini_upnpd and is the successor to miniigd. The server is vulnerable to a stack buffer overflow vulner...
Realtek Realtek Jungle Sdk
1 Github repository
10
CVSSv2
CVE-2021-35395
Realtek Jungle SDK version v2.x up to v3.4.14B provides an HTTP web server exposing a management interface that can be used to configure the access point. Two versions of this management interface exists: one based on Go-Ahead named webs and another based on Boa named boa. Both o...
Realtek Realtek Jungle Sdk
1 Article
10
CVSSv2
CVE-2021-35394
Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that is usually compiled as 'UDPServer' binary. The binary is affected by multiple memory corruption vulnerabilities and an arbitrary command injection vulnerability t...
Realtek Realtek Jungle Sdk
10
CVSSv2
CVE-2021-27372
Realtek xPON RTL9601D SDK 1.9 stores passwords in plaintext which may allow malicious users to possibly gain access to the device with root permissions via the build-in network monitoring tool and execute arbitrary commands.
Realtek Xpon Rtl9601d Software Development Kit 1.9
10
CVSSv2
CVE-2020-7745
This affects the package MintegralAdSDK prior to 6.6.0.0. The SDK distributed by the company contains malicious functionality that acts as a backdoor. Mintegral and their partners (advertisers) can remotely execute arbitrary code on a user device.
Mintegral Mintegraladsdk
10
CVSSv2
CVE-2020-12828
An issue exists in AnchorFree VPN SDK prior to 1.3.3.218. The VPN SDK service takes certain executable locations over a socket bound to localhost. Binding to the socket and providing a path where a malicious executable file resides leads to executing the malicious executable file...
Pango Virtual Private Network Software Development Kit
1 Github repository
1 Article
10
CVSSv2
CVE-2017-3216
WiMAX routers based on the MediaTek SDK (libmtk) that use a custom httpd plugin are vulnerable to an authentication bypass allowing a remote, unauthenticated malicious user to gain administrator access to the device by performing an administrator password change on the device via...
Greenpacket Ox350 Firmware -
Huawei Bm2022 Firmware -
Huawei Hes-309m Firmware -
Huawei Hes-319m Firmware -
Huawei Hes-319m2w Firmware -
Huawei Hes-339m Firmware -
Mada Soho Wireless Router Firmware -
Zte Ox-330p Firmware -
Zyxel Max218m Firmware -
Zyxel Max218m1w Firmware -
Zyxel Max218mw Firmware -
Zyxel Max308m Fimware -
Zyxel Max318m Firmware -
Zyxel Max338m Firmware -
10
CVSSv2
CVE-2017-6667
A vulnerability in the update process for the dynamic JAR file of the Cisco Context Service software development kit (SDK) could allow an unauthenticated, remote malicious user to execute arbitrary code on the affected device with the privileges of the web server. More Informatio...
Cisco Context Service Development Kit 2.0
10
CVSSv2
CVE-2015-8455
Adobe Flash Player prior to 18.0.0.268 and 19.x and 20.x prior to 20.0.0.228 on Windows and OS X and prior to 11.2.202.554 on Linux, Adobe AIR prior to 20.0.0.204, Adobe AIR SDK prior to 20.0.0.204, and Adobe AIR SDK & Compiler prior to 20.0.0.204 allow malicious users to exe...
Adobe Flash Player
Adobe Flash Player 19.0.0.185
Adobe Flash Player 19.0.0.226
Adobe Flash Player 19.0.0.207
Adobe Flash Player 19.0.0.245
Adobe Air Sdk
Adobe Air Sdk \\& Compiler
Adobe Air
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »