Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-58476
Out-of-bounds read vulnerability in bootloader prior to SMR Dec-2025 Release 1 allows physical attackers to access out-of-bounds memory.
CVSS Score
4.2
EPSS Score
0.0
Published
2025-12-02
CVE-2025-58477
Out-of-bounds write in parsing IFD tag in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-12-02
CVE-2025-58478
Out-of-bounds write in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-12-02
CVE-2025-58479
Out-of-bounds read in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-12-02
CVE-2025-58480
Heap-based buffer overflow in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-12-02
CVE-2025-58481
Improper access control in MPRemoteService of MotionPhoto prior to version 4.1.51 allows local attackers to start privileged service.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-12-02
CVE-2025-21072
Out-of-bounds write in decoding metadata in fingerprint trustlet prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
CVSS Score
5.7
EPSS Score
0.0
Published
2025-12-02
CVE-2025-21080
Improper export of android application components in Dynamic Lockscreen prior to SMR Dec-2025 Release 1 allows local attackers to access files with Dynamic Lockscreen's privilege.
CVSS Score
6.2
EPSS Score
0.0
Published
2025-12-02
CVE-2025-66448
vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.11.1, vllm has a critical remote code execution vector in a config class named Nemotron_Nano_VL_Config. When vllm loads a model config that contains an auto_map entry, the config class resolves that mapping with get_class_from_dynamic_module(...) and immediately instantiates the returned class. This fetches and executes Python from the remote repository referenced in the auto_map string. Crucially, this happens even when the caller explicitly sets trust_remote_code=False in vllm.transformers_utils.config.get_config. In practice, an attacker can publish a benign-looking frontend repo whose config.json points via auto_map to a separate malicious backend repo; loading the frontend will silently run the backend’s code on the victim host. This vulnerability is fixed in 0.11.1.
CVSS Score
7.1
EPSS Score
0.002
Published
2025-12-01
CVE-2025-66313
ChurchCRM is an open-source church management system. In ChurchCRM 6.2.0 and earlier, there is a time-based blind SQL injection in the handling of the 1FieldSec parameter. Injecting SLEEP() causes deterministic server-side delays, proving the value is incorporated into a SQL query without proper parameterization. The issue allows data exfiltration and modification via blind techniques.
CVSS Score
7.2
EPSS Score
0.0
Published
2025-12-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved