Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In February 2025
CVE-2025-0303
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through buffer overflow.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-02-07
CVE-2025-0304
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-02-07
CVE-2025-22880
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-02-07
CVE-2024-13492
The Guten Free Options WordPress plugin through 0.9.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-02-07
CVE-2024-13352
The Legull WordPress plugin through 1.2.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-02-07
CVE-2025-1072
A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions starting from 7.14.1 prior to 17.3.7, 17.4 prior to 17.4.4, and 17.5 prior to 17.5.2. A denial of service could occur upon importing maliciously crafted content using the Fogbugz importer.
CVSS Score
6.5
EPSS Score
0.004
Published
2025-02-07
CVE-2025-22402
Dell Update Manager Plugin, version(s) 1.5.0 through 1.6.0, contain(s) an Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
CVSS Score
2.6
EPSS Score
0.001
Published
2025-02-07
CVE-2025-21279
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVSS Score
6.5
EPSS Score
0.003
Published
2025-02-06
CVE-2025-21283
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVSS Score
6.5
EPSS Score
0.003
Published
2025-02-06
CVE-2025-21342
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVSS Score
8.8
EPSS Score
0.007
Published
2025-02-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved