Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2025
CVE-2025-2602
A vulnerability has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file deactivate_reg.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
6.3
EPSS Score
0.0
Published
2025-03-21
CVE-2025-29223
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the pt parameter in the traceRoute function.
CVSS Score
6.3
EPSS Score
0.012
Published
2025-03-21
CVE-2025-29226
In Linksys E5600 V1.1.0.26, the \usr\share\lua\runtime.lua file contains a command injection vulnerability in the runtime.pingTest function via the pt["count"] parameter.
CVSS Score
6.3
EPSS Score
0.012
Published
2025-03-21
CVE-2025-29227
In Linksys E5600 V1.1.0.26, the \usr\share\lua\runtime.lua file contains a command injection vulnerability in the runtime.pingTest function via the pt["pkgsize"] parameter.
CVSS Score
6.3
EPSS Score
0.012
Published
2025-03-21
CVE-2025-29230
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.emailReg function. The vulnerability can be triggered via the `pt["email"]` parameter.
CVSS Score
8.6
EPSS Score
0.012
Published
2025-03-21
CVE-2024-53350
Insecure permissions in kubeslice v1.3.1 allow attackers to gain access to the service account's token, leading to escalation of privileges.
CVSS Score
7.4
EPSS Score
0.0
Published
2025-03-21
CVE-2024-53351
Insecure permissions in pipecd v0.49 allow attackers to gain access to the service account's token, leading to escalation of privileges.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-03-21
CVE-2024-53349
Insecure permissions in kuadrant v0.11.3 allow attackers to gain access to the service account's token, leading to escalation of privileges via the secretes component in the k8s cluster
CVSS Score
7.4
EPSS Score
0.0
Published
2025-03-21
CVE-2023-43029
IBM Storage Virtualize vSphere Remote Plug-in 1.0 and 1.1 could allow a remote user to obtain sensitive credential information after deployment.
CVSS Score
6.8
EPSS Score
0.0
Published
2025-03-21
CVE-2024-53348
LoxiLB v.0.9.7 and before is vulnerable to Incorrect Access Control which allows attackers to obtain sensitive information and escalate privileges.
CVSS Score
7.4
EPSS Score
0.0
Published
2025-03-21


Products
Pricing
Contact Us

Shodan ® - All rights reserved