Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wave vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2021-1555
Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote malicious user to perform command injection attacks against an affected device. These vulnerabilitie...
Cisco Wap125 Firmware
Cisco Wap131 Firmware
Cisco Wap150 Firmware
Cisco Wap351 Firmware
Cisco Wap361 Firmware
Cisco Wap581 Firmware
NA
CVE-2023-35959
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability conce...
Tonybybell Gtkwave 3.3.115
6.1
CVSSv2
CVE-2020-9059
Z-Wave devices based on Silicon Labs 500 series chipsets using S0 authentication are susceptible to uncontrolled resource consumption leading to battery exhaustion. As an example, the Schlage BE468 version 3.42 door lock is vulnerable and fails open at a low battery level.
Silabs 500 Series Firmware
Schlage Be468 3.42
NA
CVE-2023-35960
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability conce...
Tonybybell Gtkwave 3.3.115
4.8
CVSSv2
CVE-2020-9058
Z-Wave devices based on Silicon Labs 500 series chipsets using CRC-16 encapsulation, including but likely not limited to the Linear LB60Z-1 version 3.5, Dome DM501 version 4.26, and Jasco ZW4201 version 4.05, do not implement encryption or replay protection.
Silabs 500 Series Firmware
Dome Dm501 4.26
Jasco Zw4201 4.05
Linear Lb60z-1 3.5
NA
CVE-2023-35961
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability conce...
Tonybybell Gtkwave 3.3.115
4.8
CVSSv2
CVE-2018-25029
The Z-Wave specification requires that S2 security can be downgraded to S0 or other less secure protocols, allowing an attacker within radio range during pairing to downgrade and then exploit a different vulnerability (CVE-2013-20003) to intercept and spoof traffic.
Silabs Zgm130s037hgn Firmware S2
Silabs Zm5202 Firmware S2
Silabs Zm5101 Firmware S2
Silabs Zgm2305a27hgn Firmware S2
Silabs Zgm230sb27hgn Firmware S2
9
CVSSv2
CVE-2021-35522
A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices prior to 2.6.2, Sigma devices prior to 4.9.4, and MA VP MD devices prior to 4.9.7 allows remote malicious users to achieve code execution, denial of services, and information disclos...
Idemia Morphowave Compact Mdpi Firmware
Idemia Morphowave Compact Mdpi-m Firmware
Idemia Visionpass Mdpi Firmware
Idemia Visionpass Mdpi-m Firmware
Idemia Visionpass Md Firmware -
Idemia Morphowave Compact Md Firmware -
Idemia Sigma Lite Firmware -
Idemia Sigma Lite\\+ Firmware -
Idemia Sigma Wide Firmware -
Idemia Sigma Extreme Firmware -
Idemia Ma Vp Md Firmware -
3.3
CVSSv2
CVE-2020-10137
Z-Wave devices based on Silicon Labs 700 series chipsets using S2 do not adequately authenticate or encrypt FIND_NODE_IN_RANGE frames, allowing a remote, unauthenticated malicious user to inject a FIND_NODE_IN_RANGE frame with an invalid random payload, denying service by blockin...
Silabs Uzb-7 7.00
Silabs 700 Series Firmware
NA
CVE-2023-35962
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability conce...
Tonybybell Gtkwave 3.3.115
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »