Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2025
CVE-2025-29807
Deserialization of untrusted data in Microsoft Dataverse allows an authorized attacker to execute code over a network.
CVSS Score
8.7
EPSS Score
0.013
Published
2025-03-21
CVE-2025-29814
Improper authorization in Microsoft Partner Center allows an authorized attacker to elevate privileges over a network.
CVSS Score
9.3
EPSS Score
0.189
Published
2025-03-21
CVE-2023-28207
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A plug-in may be able to inherit app permissions and access user data.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-03-21
CVE-2024-44305
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.6. An app may be able to gain root privileges.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-03-21
CVE-2024-54551
The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.6, tvOS 17.6, Safari 17.6, macOS Sonoma 14.6, visionOS 1.3, iOS 17.6 and iPadOS 17.6. Processing web content may lead to a denial-of-service.
CVSS Score
7.5
EPSS Score
0.005
Published
2025-03-21
CVE-2024-54564
This issue was addressed through improved state management. This issue is fixed in visionOS 1.3, macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6. A file received from AirDrop may not have the quarantine flag applied.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-03-21
CVE-2024-44199
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.6. An app may be able to cause unexpected system termination or read kernel memory.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-03-21
CVE-2025-30334
In OpenBSD 7.6 before errata 006 and OpenBSD 7.5 before errata 015, traffic sent over wg(4) could result in kernel crash.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-03-20
CVE-2025-25758
An issue in KukuFM Android v1.12.7 (11207) allows attackers to access sensitive cleartext data via the android:allowBackup="true" in the ANdroidManifest.xml
CVSS Score
7.5
EPSS Score
0.001
Published
2025-03-20
CVE-2025-2538
A hardcoded credential vulnerability exists in a specific deployment pattern for Esri Portal for ArcGIS versions 11.4 and below that may allow a remote unauthenticated attacker to gain administrative access to the system.
CVSS Score
9.8
EPSS Score
0.002
Published
2025-03-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved