Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2025
CVE-2024-4982
A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits a specially cratfted git repository they could discover secrets on the server.
CVSS Score
7.6
EPSS Score
0.002
Published
2025-05-12
CVE-2024-55466
An arbitrary file upload vulnerability in the Image Gallery of ThingsBoard Community, ThingsBoard Cloud and ThingsBoard Professional v3.8.1 allows attackers to execute arbitrary code via uploading a crafted file.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-05-12
CVE-2024-4981
A vulnerability was discovered in Pagure server. If a malicious user were to submit a git repository with symbolic links, the server could unintentionally show incorporate and make visible content from outside the git repo.
CVSS Score
7.6
EPSS Score
0.001
Published
2025-05-12
CVE-2025-44175
Tenda AC10 v4 V16.03.10.13 is vulnerable to Buffer Overflow in the GetParentControlInfo function.
CVSS Score
5.4
EPSS Score
0.001
Published
2025-05-12
CVE-2025-44176
Tenda FH451 V1.0.0.9 is vulnerable to Remote Code Execution in the formSafeEmailFilter function.
CVSS Score
6.5
EPSS Score
0.003
Published
2025-05-12
CVE-2023-34732
An issue in the userId parameter in the change password function of Flytxt NEON-dX v0.0.1-SNAPSHOT-6.9-qa-2-9-g5502a0c allows attackers to execute brute force attacks to discover user passwords.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-05-12
CVE-2025-45779
Tenda AC10 V1.0re_V15.03.06.46 is vulnerable to Buffer Overflow in the formSetPPTPUserList handler via the list POST parameter.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-05-12
CVE-2025-3632
IBM 4769 Developers Toolkit 7.0.0 through 7.5.52 could allow a remote attacker to cause a denial of service in the Hardware Security Module (HSM) due to improper memory allocation of an excessive size.
CVSS Score
7.5
EPSS Score
0.002
Published
2025-05-12
CVE-2025-44022
An issue in vvveb CMS v.1.0.6 allows a remote attacker to execute arbitrary code via the Plugin mechanism.
CVSS Score
9.8
EPSS Score
0.008
Published
2025-05-12
CVE-2025-44830
EngineerCMS v1.02 through v.2.0.5 has a SQL injection vulnerability in the /project/addprojtemplet interface.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-05-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved