Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-54332
An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is a NULL Pointer Dereference of profiler.node in the npu_vertex_profileoff function.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-11-04
CVE-2025-54863
Radiometrics VizAir is vulnerable to exposure of the system's REST API key through a publicly accessible configuration file. This allows attackers to remotely alter weather data and configurations, automate attacks against multiple instances, and extract sensitive meteorological data, which could potentially compromise airport operations. Additionally, attackers could flood the system with false alerts, leading to a denial-of-service condition and significant disruption to airport operations. Unauthorized remote control over aviation weather monitoring and data manipulation could result in incorrect flight planning and hazardous takeoff and landing conditions.
CVSS Score
10.0
EPSS Score
0.001
Published
2025-11-04
CVE-2025-41341
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'id_denuncia' and 'seguro' in '/backend/api/buscarUsuarioByDenuncia.php'.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-11-04
CVE-2025-41342
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'id_user' in '/backend/api/buscarUsuarioId.php'.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-11-04
CVE-2025-41343
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'email' in '/backend/api/users/searchUserByEmail.php'.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-11-04
CVE-2025-41344
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'id_archivo' in '/backend/api/verArchivo.php'.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-11-04
CVE-2025-41345
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'id_denuncia' and 'id_user' in '/backend/api/buscarDenunciasById.php'.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-11-04
CVE-2025-41335
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'id' and ' 'id_sociedad' in '/api/buscarEmpresaById.php'.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-11-04
CVE-2025-41336
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'web' in '/backend/api/buscarConfiguracionParametros.php'.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-11-04
CVE-2025-41337
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'web' in '/backend/api/buscarSSOParametros.php'.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-11-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved