Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2025
CVE-2025-24155
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. An app may be able to disclose kernel memory.
CVSS Score
5.5
EPSS Score
0.001
Published
2025-05-12
CVE-2025-24220
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.9. An app may be able to read a persistent device identifier.
CVSS Score
5.5
EPSS Score
0.001
Published
2025-05-12
CVE-2025-1079
Client RCE on macOS and Linux via improper symbolic link resolution in Google Web Designer's preview feature
CVSS Score
7.8
EPSS Score
0.001
Published
2025-05-12
CVE-2025-47682
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows SQL Injection.This issue affects SMS Alert Order Notifications: from n/a through <= 3.8.1.
CVSS Score
9.3
EPSS Score
0.002
Published
2025-05-12
CVE-2024-4982
A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits a specially cratfted git repository they could discover secrets on the server.
CVSS Score
7.6
EPSS Score
0.002
Published
2025-05-12
CVE-2024-55466
An arbitrary file upload vulnerability in the Image Gallery of ThingsBoard Community, ThingsBoard Cloud and ThingsBoard Professional v3.8.1 allows attackers to execute arbitrary code via uploading a crafted file.
CVSS Score
6.5
EPSS Score
0.004
Published
2025-05-12
CVE-2024-4981
A vulnerability was discovered in Pagure server. If a malicious user were to submit a git repository with symbolic links, the server could unintentionally show incorporate and make visible content from outside the git repo.
CVSS Score
7.6
EPSS Score
0.001
Published
2025-05-12
CVE-2025-44175
Tenda AC10 v4 V16.03.10.13 is vulnerable to Buffer Overflow in the GetParentControlInfo function.
CVSS Score
5.4
EPSS Score
0.002
Published
2025-05-12
CVE-2025-44176
Tenda FH451 V1.0.0.9 is vulnerable to Remote Code Execution in the formSafeEmailFilter function.
CVSS Score
6.5
EPSS Score
0.013
Published
2025-05-12
CVE-2023-34732
An issue in the userId parameter in the change password function of Flytxt NEON-dX v0.0.1-SNAPSHOT-6.9-qa-2-9-g5502a0c allows attackers to execute brute force attacks to discover user passwords.
CVSS Score
5.4
EPSS Score
0.002
Published
2025-05-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved