Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2026-20969
Improper input validation in SecSettings prior to SMR Jan-2026 Release 1 allows local attacker to access file with system privilege. User interaction is required for triggering this vulnerability.
CVSS Score
5.5
EPSS Score
0.001
Published
2026-01-09
CVE-2026-20970
Improper access control in SLocation prior to SMR Jan-2026 Release 1 allows local attackers to execute the privileged APIs.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-01-09
CVE-2026-20971
Use After Free in PROCA driver prior to SMR Jan-2026 Release 1 allows local attackers to potentially execute arbitrary code.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-01-09
CVE-2026-20972
Improper Export of Android Application Components in UwbTest prior to SMR Jan-2026 Release 1 allows local attackers to enable UWB.
CVSS Score
3.3
EPSS Score
0.0
Published
2026-01-09
CVE-2026-20973
Out-of-bounds read in libimagecodec.quram.so prior to SMR Jan-2026 Release 1 allows remote attacker to access out-of-bounds memory.
CVSS Score
5.3
EPSS Score
0.001
Published
2026-01-09
CVE-2026-20974
Improper input validation in data related to network restrictions prior to SMR Jan-2026 Release 1 allows physical attackers to bypass Carrier Relock.
CVSS Score
4.6
EPSS Score
0.0
Published
2026-01-09
CVE-2026-22713
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation Mediawiki - GrowthExperiments Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - GrowthExperiments Extension: 1.45, 1.44, 1.43, 1.39.
CVSS Score
5.4
EPSS Score
0.001
Published
2026-01-09
CVE-2026-0732
A vulnerability was found in D-Link DI-8200G 17.12.20A1. This affects an unknown function of the file /upgrade_filter.asp. The manipulation of the argument path results in command injection. The attack may be performed from remote. The exploit has been made public and could be used.
CVSS Score
6.3
EPSS Score
0.003
Published
2026-01-09
CVE-2026-0733
A vulnerability was determined in PHPGurukul Online Course Registration System up to 3.1. This impacts an unknown function of the file /onlinecourse/admin/manage-students.php. This manipulation of the argument id/cid causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.
CVSS Score
6.3
EPSS Score
0.0
Published
2026-01-09
CVE-2026-22710
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation Mediawiki - Wikibase Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - Wikibase Extension: 1.45, 1.44, 1.43, 1.39.
CVSS Score
5.4
EPSS Score
0.001
Published
2026-01-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved