Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2024
CVE-2024-40853
This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18 and iPadOS 18. An attacker may be able to use Siri to enable Auto-Answer Calls.
CVSS Score
3.3
EPSS Score
0.002
Published
2024-10-28
CVE-2024-40855
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sequoia 15, macOS Sonoma 14.7.1. A sandboxed app may be able to access sensitive user data.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-10-28
CVE-2024-40867
A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1. A remote attacker may be able to break out of Web Content sandbox.
CVSS Score
9.6
EPSS Score
0.006
Published
2024-10-28
CVE-2024-50436
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Theme Horse Clean Retina.This issue affects Clean Retina: from n/a through 3.0.6.
CVSS Score
7.5
EPSS Score
0.018
Published
2024-10-28
CVE-2024-50453
Relative Path Traversal vulnerability in Webangon The Pack Elementor addons allows PHP Local File Inclusion.This issue affects The Pack Elementor addons: from n/a through 2.0.9.
CVSS Score
7.5
EPSS Score
0.008
Published
2024-10-28
CVE-2024-48357
LyLme Spage 1.2.0 through 1.6.0 is vulnerable to SQL Injection via /admin/apply.php.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-10-28
CVE-2024-48825
Tenda AC7 v.15.03.06.44 ate_ifconfig_set has pre-authentication command injection allowing remote attackers to execute arbitrary code.
CVSS Score
8.8
EPSS Score
0.02
Published
2024-10-28
CVE-2024-48826
Tenda AC7 v.15.03.06.44 ate_iwpriv_set has pre-authentication command injection allowing remote attackers to execute arbitrary code.
CVSS Score
8.8
EPSS Score
0.02
Published
2024-10-28
CVE-2024-50434
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Theme Horse NewsCard.This issue affects NewsCard: from n/a through 1.3.
CVSS Score
7.5
EPSS Score
0.018
Published
2024-10-28
CVE-2024-50435
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Theme Horse Meta News.This issue affects Meta News: from n/a through 1.1.7.
CVSS Score
7.5
EPSS Score
0.018
Published
2024-10-28


Products
Pricing
Contact Us

Shodan ® - All rights reserved