Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2024
CVE-2024-40792
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. A malicious app may be able to change network settings.
CVSS Score
3.3
EPSS Score
0.001
Published
2024-10-28
CVE-2024-40851
This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18.1 and iPadOS 18.1. An attacker with physical access may be able to access contact photos from the lock screen.
CVSS Score
2.4
EPSS Score
0.002
Published
2024-10-28
CVE-2024-40853
This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18 and iPadOS 18. An attacker may be able to use Siri to enable Auto-Answer Calls.
CVSS Score
3.3
EPSS Score
0.002
Published
2024-10-28
CVE-2024-40855
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, visionOS 2. A sandboxed app may be able to access sensitive user data.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-10-28
CVE-2024-40867
A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1. A remote attacker may be able to break out of Web Content sandbox.
CVSS Score
9.6
EPSS Score
0.016
Published
2024-10-28
CVE-2024-50436
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themehorse Clean Retina clean-retina.This issue affects Clean Retina: from n/a through <= 3.0.6.
CVSS Score
8.8
EPSS Score
0.018
Published
2024-10-28
CVE-2024-50453
Relative Path Traversal vulnerability in webangon The Pack Elementor addons the-pack-addon allows PHP Local File Inclusion.This issue affects The Pack Elementor addons: from n/a through <= 2.0.9.
CVSS Score
8.8
EPSS Score
0.011
Published
2024-10-28
CVE-2024-50457
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Qode Qode Essential Addons qode-essential-addons.This issue affects Qode Essential Addons: from n/a through <= 1.6.3.
CVSS Score
8.8
EPSS Score
0.031
Published
2024-10-28
CVE-2024-48357
LyLme Spage 1.2.0 through 1.6.0 is vulnerable to SQL Injection via /admin/apply.php.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-10-28
CVE-2024-48825
Tenda AC7 v.15.03.06.44 ate_ifconfig_set has pre-authentication command injection allowing remote attackers to execute arbitrary code.
CVSS Score
8.8
EPSS Score
0.027
Published
2024-10-28


Products
Pricing
Contact Us

Shodan ® - All rights reserved