Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2025
CVE-2024-57620
An issue in the trimchars component of MonetDB Server v11.47.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVSS Score
7.5
EPSS Score
0.002
Published
2025-01-14
CVE-2024-57621
An issue in the GDKanalytical_correlation component of MonetDB Server v11.47.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVSS Score
7.5
EPSS Score
0.002
Published
2025-01-14
CVE-2024-57622
An issue in the exp_bin component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVSS Score
7.5
EPSS Score
0.002
Published
2025-01-14
CVE-2024-57623
An issue in the HEAP_malloc component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVSS Score
7.5
EPSS Score
0.002
Published
2025-01-14
CVE-2024-57624
An issue in the exp_atom component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVSS Score
7.5
EPSS Score
0.002
Published
2025-01-14
CVE-2024-57625
An issue in the merge_table_prune_and_unionize component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVSS Score
7.5
EPSS Score
0.002
Published
2025-01-14
CVE-2024-11396
The Event Monster – Event Management, Tickets Booking, Upcoming Event plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.4.3 via the Visitors List Export file. During the export, a CSV file is created in the wp-content folder with a hardcoded filename that is publicly accessible. This makes it possible for unauthenticated attackers to extract data about event visitors, that includes first and last names, email, and phone number.
CVSS Score
5.3
EPSS Score
0.542
Published
2025-01-14
CVE-2024-57615
An issue in the BATcalcbetween_intern component of MonetDB Server v11.47.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-01-14
CVE-2024-57616
An issue in the vscanf component of MonetDB Server v11.47.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-01-14
CVE-2024-56323
OpenFGA is an authorization/permission engine. IN OpenFGA v1.3.8 to v1.8.2 (Helm chart openfga-0.1.38 to openfga-0.2.19, docker v1.3.8 to v.1.8.2) are vulnerable to authorization bypass under the following conditions: 1. calling Check API or ListObjects with a model that uses [conditions](https://openfga.dev/docs/modeling/conditions), and 2. calling Check API or ListObjects API with [contextual tuples](https://openfga.dev/docs/concepts#what-are-contextual-tuples) that include conditions and 3. OpenFGA is configured with caching enabled (`OPENFGA_CHECK_QUERY_CACHE_ENABLED`). Users are advised to upgrade to v1.8.3. There are no known workarounds for this vulnerability.
CVSS Score
5.8
EPSS Score
0.001
Published
2025-01-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved