Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-68924
In Umbraco UmbracoForms through 8.13.16, an authenticated attacker can supply a malicious WSDL (aka Webservice) URL as a data source for remote code execution.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-01-16
CVE-2025-48647
In cpm_fwtp_msg_handler of cpm/google/lib/tracepoint/cpm_fwtp_ipc.c, there is a possible memory overwrite due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-01-16
CVE-2025-31186
A permissions issue was addressed with additional restrictions. This issue is fixed in Xcode 16.3. An app may be able to bypass Privacy preferences.
CVSS Score
3.3
EPSS Score
0.0
Published
2026-01-16
CVE-2025-43508
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data.
CVSS Score
5.5
EPSS Score
0.0
Published
2026-01-16
CVE-2024-44238
The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS 18.1. An app may be able to corrupt coprocessor memory.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-01-16
CVE-2024-54556
This issue was addressed through improved state management. This issue is fixed in iOS 18.1 and iPadOS 18.1. A user may be able to view restricted content from the lock screen.
CVSS Score
2.4
EPSS Score
0.0
Published
2026-01-16
CVE-2025-24089
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.3 and iPadOS 18.3. An app may be able to enumerate a user's installed apps.
CVSS Score
5.3
EPSS Score
0.0
Published
2026-01-16
CVE-2025-24090
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.3 and iPadOS 18.3. An app may be able to enumerate a user's installed apps.
CVSS Score
3.3
EPSS Score
0.0
Published
2026-01-16
CVE-2024-44210
This issue was addressed with improved permissions checking. This issue is fixed in macOS Sequoia 15.1. An app may be able to access user-sensitive data.
CVSS Score
3.3
EPSS Score
0.0
Published
2026-01-16
CVE-2026-0949
PEM versions prior to 9.8.1 are affected by a stored Cross-site Scripting (XSS) vulnerability that allows users with access to the Manage Charts menu to inject arbitrary JavaScript when creating a new chart, which is then executed by any user accessing the chart. By default only the superuser and users with pem_admin or pem_super_admin privileges are able to access the Manage Charts menu.
CVSS Score
6.5
EPSS Score
0.0
Published
2026-01-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved