Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2025
CVE-2024-46921
An issue was discovered in Samsung Mobile Processor and Modem Exynos 9820, 9825, 980, 990, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W1000, Modem 5123, Modem 5300, Modem 5400. UE does not limit the number of attempts for the RRC Setup procedure in the 5G SA, leading to a denial of service (battery-drain attack).
CVSS Score
6.5
EPSS Score
0.003
Published
2025-01-13
CVE-2024-46479
Venki Supravizio BPM through 18.0.1 was discovered to contain an arbitrary file upload vulnerability. An authenticated attacker may upload a malicious file, leading to remote code execution.
CVSS Score
9.9
EPSS Score
0.045
Published
2025-01-13
CVE-2024-46920
An issue was discovered in Samsung Mobile Processor Exynos 9820, 9825, 980, 990, 850, 1080, 2100, and 1280. Lack of a length check leads to a stack out-of-bounds write at loadInputBuffers.
CVSS Score
6.5
EPSS Score
0.006
Published
2025-01-13
CVE-2024-54999
MonicaHQ v4.1.2 was discovered to contain a Client-Side Injection vulnerability via the last_name parameter the General Information module.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-01-13
CVE-2024-57487
In Code-Projects Online Car Rental System 1.0, the file upload feature does not validate file extensions or MIME types allowing an attacker to upload a PHP shell without any restrictions and execute commands on the server.
CVSS Score
6.5
EPSS Score
0.451
Published
2025-01-13
CVE-2024-57488
Code-Projects Online Car Rental System 1.0 is vulnerable to Cross Site Scripting (XSS) via the vehicalorcview parameter in /admin/edit-vehicle.php.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-01-13
CVE-2024-12211
Pega Platform versions 8.1 to Infinity 24.2.0 are affected by an Stored XSS issue with profile.
CVSS Score
5.4
EPSS Score
0.002
Published
2025-01-13
CVE-2024-46919
An issue was discovered in Samsung Mobile Processor Exynos 9820, 9825, 980, 990, 850, 1080, 2100, and 1280. Lack of a length check leads to a stack out-of-bounds write at loadOutputBuffers.
CVSS Score
5.3
EPSS Score
0.006
Published
2025-01-13
CVE-2024-48883
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, and Modem 5300. The UE incorrectly handles a malformed uplink scheduling message, resulting in an information leak of the UE.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-01-13
CVE-2025-22963
Teedy through 1.11 allows CSRF for account takeover via POST /api/user/admin.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-01-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved