Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-47548
Server-Side Request Forgery (SSRF) vulnerability in Varun Dubey Wbcom Designs - Activity Link Preview For BuddyPress allows Server Side Request Forgery. This issue affects Wbcom Designs - Activity Link Preview For BuddyPress: from n/a through 1.4.4.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-05-07
CVE-2025-47549
Unrestricted Upload of File with Dangerous Type vulnerability in Themefic BEAF allows Upload a Web Shell to a Web Server. This issue affects BEAF: from n/a through 4.6.10.
CVSS Score
9.1
EPSS Score
0.001
Published
2025-05-07
CVE-2025-47550
Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Instantio allows Upload a Web Shell to a Web Server. This issue affects Instantio: from n/a through 3.3.16.
CVSS Score
6.6
EPSS Score
0.001
Published
2025-05-07
CVE-2025-20960
Improper handling of insufficient permission in CocktailBarService prior to SMR May-2025 Release 1 allows local attackers to use the privileged api.
CVSS Score
4.0
EPSS Score
0.0
Published
2025-05-07
CVE-2025-20961
Improper handling of insufficient permission or privileges in sepunion service prior to SMR May-2025 Release 1 allows local privileged attackers to access files with system privilege.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-05-07
CVE-2025-20962
Improper handling of insufficient permission in SpenGesture service prior to SMR May-2025 Release 1 allows local attackers to track the S Pen position.
CVSS Score
4.0
EPSS Score
0.0
Published
2025-05-07
CVE-2025-20963
Out-of-bounds write in memory initialization in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds memory.
CVSS Score
6.6
EPSS Score
0.0
Published
2025-05-07
CVE-2025-20964
Out-of-bounds write in parsing media files in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds memory.
CVSS Score
6.6
EPSS Score
0.0
Published
2025-05-07
CVE-2025-20953
Improper access control in SmartManagerCN prior to SMR May-2025 Release 1 allows local attackers to launch activities within SmartManagerCN.
CVSS Score
5.1
EPSS Score
0.0
Published
2025-05-07
CVE-2025-20954
Use of implicit intent for sensitive communication in EnrichedCall prior to SMR May-2025 Release 1 allows local attackers to access sensitive information. User interaction is required for triggering this vulnerability.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-05-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved