Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Charm Security Vulnerabilities

cve
cve

CVE-2021-37587

In Charm 0.43, any single user can decrypt DAC-MACS or MA-ABE-YJ14 data.

6.5CVSS

6.5AI Score

0.001EPSS

2021-07-30 02:15 PM
36
2
cve
cve

CVE-2021-37588

In Charm 0.43, any two users can collude to achieve the ability to decrypt YCT14 data.

5.9CVSS

5.6AI Score

0.002EPSS

2021-07-30 02:15 PM
35
2
cve
cve

CVE-2022-29180

A vulnerability in which attackers could forge HTTP requests to manipulate the charm data directory to access or delete anything on the server. This has been patched and is available in release v0.12.1 . We recommend that all users running self-hosted charm instances update immediately. This vulner...

9.8CVSS

9.4AI Score

0.002EPSS

2022-05-07 04:15 AM
44
2
cve
cve

CVE-2022-33733

Sensitive information exposure in onCharacteristicRead in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission.

6.2CVSS

4AI Score

0.0004EPSS

2022-08-05 04:15 PM
32
4
cve
cve

CVE-2022-33734

Sensitive information exposure in onCharacteristicChanged in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission.

6.2CVSS

5.3AI Score

0.0004EPSS

2022-08-05 04:15 PM
30
4