Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-21049
Improper access control in SecSettings prior to SMR Oct-2025 Release 1 allows local attackers to access sensitive information. User interaction is required for triggering this vulnerability.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-10-10
CVE-2025-21050
Improper input validiation in Contacts prior to SMR Oct-2025 Release 1 allows local attackers to access data across multiple user profiles.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-10-10
CVE-2025-21051
Out-of-bounds write in the pre-processing of JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to write out-of-bounds memory.
CVSS Score
4.0
EPSS Score
0.0
Published
2025-10-10
CVE-2025-21052
Out-of-bounds write under specific condition in the pre-processing of JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to cause memory corruption.
CVSS Score
4.0
EPSS Score
0.0
Published
2025-10-10
CVE-2025-21053
Out-of-bounds write in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to cause memory corruption.
CVSS Score
4.0
EPSS Score
0.0
Published
2025-10-10
CVE-2025-21046
Improper access control in WindowManager in Samsung DeX prior to SMR Oct-2025 Release 1 allows physical attackers to temporarily access to recent app list.
CVSS Score
2.4
EPSS Score
0.0
Published
2025-10-10
CVE-2025-21047
Improper access control in KnoxGuard prior to SMR Oct-2025 Release 1 allows physical attackers to use the privileged APIs.
CVSS Score
5.2
EPSS Score
0.0
Published
2025-10-10
CVE-2025-21044
Out-of-bounds write in fingerprint trustlet prior to SMR Oct-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
CVSS Score
5.7
EPSS Score
0.0
Published
2025-10-10
CVE-2025-59286
Copilot Spoofing Vulnerability
CVSS Score
6.5
EPSS Score
0.001
Published
2025-10-09
CVE-2025-61601
BigBlueButton is an open-source virtual classroom. A Denial of Service (DoS) vulnerability in versions prior to 3.0.13 allows any authenticated user to freeze or crash the entire server by abusing the polling feature's `Choices` response type. By submitting a malicious payload with a massive array in the `answerIds` field, the attacker can cause the current meeting — and potentially all meetings on the server — to become unresponsive. Version 3.0.13 contains a patch. No known workarounds are available.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-10-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved