6.5

CVSS3.1

CVE-2024-56964 -

An issue in Che Hao Duo Used Automobile Agency (Beijing) Co., Ltd Guazi Used Car iOS 10.15.1 allows attackers to access sensitive user information via supplying a crafted link.

📅 Published: Jan. 27, 2025, midnight 🔄 Last Modified: April 15, 2026, 12:35 a.m.

6.5

CVSS3.1

CVE-2024-56955 -

An issue in Tencent Technology (Shenzhen) Company Limited QQMail iOS 6.6.4 allows attackers to access sensitive user information via supplying a crafted link.

📅 Published: Jan. 27, 2025, midnight 🔄 Last Modified: April 15, 2026, 12:35 a.m.

7.5

CVSS3.1

CVE-2024-57546 -

An issue in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the validate link function.

📅 Published: Jan. 27, 2025, midnight 🔄 Last Modified: April 16, 2025, 3:14 p.m.

6.5

CVSS3.1

CVE-2024-56966 -

An issue in Shanghai Xuan Ting Entertainment Information & Technology Co., Ltd Qidian Reader iOS 5.9.384 allows attackers to access sensitive user information via supplying a crafted link.

📅 Published: Jan. 27, 2025, midnight 🔄 Last Modified: April 15, 2026, 12:35 a.m.

6.5

CVSS3.1

CVE-2024-56963 -

An issue in Beijing Sogou Technology Development Co., Ltd Sogou Input iOS 12.2.0 allows attackers to access sensitive user information via supplying a crafted link.

📅 Published: Jan. 27, 2025, midnight 🔄 Last Modified: April 15, 2026, 12:35 a.m.

6.5

CVSS3.1

CVE-2024-56948 -

An issue in KuGou Technology CO. LTD KuGou Music iOS v20.0.0 allows attackers to access sensitive user information via supplying a crafted link.

📅 Published: Jan. 27, 2025, midnight 🔄 Last Modified: April 15, 2026, 12:35 a.m.

6.5

CVSS3.1

CVE-2024-54728 -

Incorrect access control in BYD QIN PLUS DM-i Dilink OS 3.0_13.1.7.2204050.1 allows unauthorized attackers to access system logcat logs.

📅 Published: Jan. 27, 2025, midnight 🔄 Last Modified: April 15, 2026, 12:35 a.m.

9.1

CVSS3.1

CVE-2024-57548 -

CMSimple 5.16 allows the user to edit log.php file via print page.

📅 Published: Jan. 27, 2025, midnight 🔄 Last Modified: April 11, 2025, 7:06 p.m.

6.1

CVSS3.1

CVE-2024-57272 -

SecuSTATION Camera V2.5.5.3116-S50-SMA-B20160811A and lower is vulnerable to Cross Site Scripting (XSS).

📅 Published: Jan. 27, 2025, midnight 🔄 Last Modified: April 15, 2026, 12:35 a.m.

6.5

CVSS3.1

CVE-2024-56968 -

An issue in Shenzhen Intellirocks Tech Co. Ltd Govee Home iOS 6.5.01 allows attackers to access sensitive user information via supplying a crafted payload.

📅 Published: Jan. 27, 2025, midnight 🔄 Last Modified: April 15, 2026, 12:35 a.m.

CVE Authored by @scan9

6.5

CVE-2024-56964 -

6.5

CVE-2024-56955 -

7.5

CVE-2024-57546 -

6.5

CVE-2024-56966 -

6.5

CVE-2024-56963 -

6.5

CVE-2024-56948 -

6.5

CVE-2024-54728 -

9.1

CVE-2024-57548 -

6.1

CVE-2024-57272 -

6.5

CVE-2024-56968 -