Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-27247
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-06-08
CVE-2025-27563
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
CVSS Score
3.3
EPSS Score
0.0
Published
2025-06-08
CVE-2025-21082
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion.
CVSS Score
3.3
EPSS Score
0.0
Published
2025-06-08
CVE-2025-23235
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through out-of-bounds read.
CVSS Score
3.3
EPSS Score
0.0
Published
2025-06-08
CVE-2025-24493
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through race condition.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-06-08
CVE-2025-25217
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.
CVSS Score
3.3
EPSS Score
0.0
Published
2025-06-08
CVE-2025-20063
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion.
CVSS Score
3.3
EPSS Score
0.0
Published
2025-06-08
CVE-2025-5839
A vulnerability, which was classified as critical, has been found in Tenda AC9 15.03.02.13. Affected by this issue is the function fromadvsetlanip of the file /goform/AdvSetLanip of the component POST Request Handler. The manipulation of the argument lanMask leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-06-07
CVE-2025-5840
A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /user_update_customer_order.php. The manipulation of the argument uploaded_file leads to unrestricted upload. It is possible to initiate the attack remotely.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-06-07
CVE-2025-5838
A vulnerability classified as critical was found in PHPGurukul Employee Record Management System 1.3. Affected by this vulnerability is an unknown functionality of the file /admin/adminprofile.php. The manipulation of the argument AdminName leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
6.3
EPSS Score
0.0
Published
2025-06-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved