Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-46660
An issue was discovered in 4C Strategies Exonaut 21.6. Passwords, stored in the database, are hashed without a salt.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-08-06
CVE-2025-51052
A path traversal vulnerability in Vedo Suite 2024.17 allows remote authenticated attackers to read arbitrary filesystem files by exploiting an unsanitized 'file_get_contents()' function call in '/api_vedo/template'.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-08-06
CVE-2025-51053
A Cross-site scripting (XSS) vulnerability in /api_vedo/ in Vedo Suite version 2024.17 allows remote attackers to inject arbitrary Javascript or HTML code and potentially trigger code execution in victim's browser.
CVSS Score
6.1
EPSS Score
0.001
Published
2025-08-06
CVE-2025-51054
Vedo Suite 2024.17 is vulnerable to Incorrect Access Control, which allows remote attackers to obtain a valid high privilege JWT token without prior authentication via sending an empty HTTP POST request to the /autologin/ API endpoint.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-08-06
CVE-2024-55399
4C Strategies Exonaut before v21.6.2.1-1 was discovered to contain a Server-Side Request Forgery (SSRF).
CVSS Score
6.5
EPSS Score
0.0
Published
2025-08-06
CVE-2024-55402
4C Strategies Exonaut before v22.4 was discovered to contain an access control issue.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-08-06
CVE-2024-55398
4C Strategies Exonaut before v22.4 was discovered to contain insecure permissions.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-08-06
CVE-2025-46659
An issue was discovered in ExonautWeb in 4C Strategies Exonaut 21.6. Information disclosure can occur via an external HTTPS request.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-08-06
CVE-2025-38747
Dell SupportAssist OS Recovery, versions prior to 5.5.14.0, contain a Creation of Temporary File With Insecure Permissions vulnerability. A local authenticated attacker could potentially exploit this vulnerability, leading to Elevation of Privileges.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-08-06
CVE-2025-45766
poco v1.14.1-release was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is subject to review under CNA rules 4.1.4, 4.1.14, and other rules; the dispute tagging is not meant to recommend an outcome for this CVE Record.
CVSS Score
7.0
EPSS Score
0.0
Published
2025-08-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved