Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wave vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-42471
The wave.ai.browser application up to and including 1.0.35 for Android allows a remote malicious user to execute arbitrary JavaScript code via a crafted intent. It contains a manifest entry that exports the wave.ai.browser.ui.splash.SplashScreen activity. This activity uses a Web...
Wave-ai Wave
668
VMScore
CVE-2013-3577
SQL injection vulnerability in the Help Desk application in Wave EMBASSY Remote Administration Server (ERAS) allows remote malicious users to execute arbitrary SQL commands via the ct100$4MainController$TextBoxSearchValue parameter (aka the search field).
Wave Embassy Remote Administration Server -
Wave Embassy Remote Administration Server Help Desk -
801
VMScore
CVE-2013-3578
SQL injection vulnerability in the Help Desk application in Wave EMBASSY Remote Administration Server (ERAS) allows remote authenticated users to execute arbitrary SQL commands via the ct100$4MainController$TextBoxSearchValue parameter (aka the search field), leading to execution...
Wave Embassy Remote Administration Server -
Wave Embassy Remote Administration Server Help Desk -
605
VMScore
CVE-2016-1518
The auto-provisioning mechanism in the Grandstream Wave app 1.0.1.26 and previous versions for Android and Grandstream Video IP phones allows man-in-the-middle malicious users to spoof provisioning data and consequently modify device functionality, obtain sensitive information fr...
Grandstream Wave
383
VMScore
CVE-2016-1519
The com.softphone.common package in the Grandstream Wave app 1.0.1.26 and previous versions for Android does not properly validate SSL certificates, which allows man-in-the-middle malicious users to spoof the Grandstream provisioning server via a crafted certificate.
Grandstream Wave
605
VMScore
CVE-2016-1520
The Grandstream Wave app 1.0.1.26 and previous versions for Android does not use HTTPS when retrieving update information, which might allow man-in-the-middle malicious users to execute arbitrary code via a crafted application.
Grandstream Wave
445
VMScore
CVE-2018-20395
NETWAVE MNG6200 C4835805jrc12FU121413.cpr devices allow remote malicious users to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.
Net-wave Ming6200 Firmware C4835805jrc12fu121413.cpr
NA
CVE-2023-29737
An issue found in Wave Animated Keyboard Emoji v.1.70.7 for Android allows a local malicious user to cause a denial of service via the database files.
Wavekeyboard Wave Animated Keyboard Emoji 1.70.7
NA
CVE-2023-29738
An issue found in Wave Animated Keyboard Emoji v.1.70.7 for Android allows a local malicious user to cause code execution and escalation of Privileges via the database files.
Wavekeyboard Wave Animated Keyboard Emoji 1.70.7
NA
CVE-2023-20854
VMware Workstation contains an arbitrary file deletion vulnerability. A malicious actor with local user privileges on the victim's machine may exploit this vulnerability to delete arbitrary files from the file system of the machine on which Workstation is installed.
Vmware Workstation 17.0
1 Article
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »