Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-58475
Improper input validation in libsec-ril.so prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
CVSS Score
5.6
EPSS Score
0.0
Published
2025-12-02
CVE-2025-58476
Out-of-bounds read vulnerability in bootloader prior to SMR Dec-2025 Release 1 allows physical attackers to access out-of-bounds memory.
CVSS Score
4.2
EPSS Score
0.0
Published
2025-12-02
CVE-2025-58477
Out-of-bounds write in parsing IFD tag in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-12-02
CVE-2025-58478
Out-of-bounds write in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-12-02
CVE-2025-58479
Out-of-bounds read in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-12-02
CVE-2025-58480
Heap-based buffer overflow in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-12-02
CVE-2025-58481
Improper access control in MPRemoteService of MotionPhoto prior to version 4.1.51 allows local attackers to start privileged service.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-12-02
CVE-2025-21072
Out-of-bounds write in decoding metadata in fingerprint trustlet prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
CVSS Score
5.7
EPSS Score
0.0
Published
2025-12-02
CVE-2025-21080
Improper export of android application components in Dynamic Lockscreen prior to SMR Dec-2025 Release 1 allows local attackers to access files with Dynamic Lockscreen's privilege.
CVSS Score
6.2
EPSS Score
0.0
Published
2025-12-02
CVE-2025-55129
HackerOne community member Kassem S.(kassem_s94) has reported that username handling in Revive Adserver was still vulnerable to impersonation attacks after the fix for CVE-2025-52672, via several alternate techniques. Homoglyphs based impersonation has been independently reported by other HackerOne users, such as itz_hari_ and khoof.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-12-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved