Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2025
CVE-2024-57052
An issue in youdiancms v.9.5.20 and before allows a remote attacker to escalate privileges via the sessionID parameter in the index.php file.
CVSS Score
9.8
EPSS Score
0.002
Published
2025-01-27
CVE-2024-57546
An issue in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the validate link function.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-01-27
CVE-2025-24161
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-01-27
CVE-2025-24162
This issue was addressed through improved state management. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing maliciously crafted web content may lead to an unexpected process crash.
CVSS Score
6.5
EPSS Score
0.002
Published
2025-01-27
CVE-2025-24163
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-01-27
CVE-2025-24169
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.3, Safari 18.3. A malicious app may be able to bypass browser extension authentication.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-01-27
CVE-2025-24174
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to bypass Privacy preferences.
CVSS Score
7.7
EPSS Score
0.0
Published
2025-01-27
CVE-2025-24176
A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. A local attacker may be able to elevate their privileges.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-01-27
CVE-2025-24177
A null pointer dereference was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.3, iOS 18.3 and iPadOS 18.3. A remote attacker may be able to cause a denial-of-service.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-01-27
CVE-2025-24146
This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. Deleting a conversation in Messages may expose user contact information in system logging.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-01-27


Products
Pricing
Contact Us

Shodan ® - All rights reserved