Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - Known exploited
CVE-2025-21479
Known exploited
Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.
CVSS Score
8.6
EPSS Score
0.001
Published
2025-06-03
CVE-2025-27038
Known exploited
Memory corruption while rendering graphics using Adreno GPU drivers in Chrome.
CVSS Score
7.5
EPSS Score
0.011
Published
2025-06-03
CVE-2025-21480
Known exploited
Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.
CVSS Score
8.6
EPSS Score
0.011
Published
2025-06-03
CVE-2025-5419
Known exploited
Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVSS Score
8.8
EPSS Score
0.013
Published
2025-06-03
CVE-2025-5086
Known exploited
A deserialization of untrusted data vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could lead to a remote code execution.
CVSS Score
9.0
EPSS Score
0.425
Published
2025-06-02
CVE-2025-48928
Known exploited
The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be included in this dump, as exploited in the wild in May 2025.
CVSS Score
4.0
EPSS Score
0.091
Published
2025-05-28
CVE-2025-48927
Known exploited
The TeleMessage service through 2025-05-05 configures Spring Boot Actuator with an exposed heap dump endpoint at a /heapdump URI, as exploited in the wild in May 2025.
CVSS Score
5.3
EPSS Score
0.072
Published
2025-05-28
CVE-2025-4008
Known exploited
The Meteobridge web interface let meteobridge administrator manage their weather station data collection and administer their meteobridge system through a web application written in CGI shell scripts and C. This web interface exposes an endpoint that is vulnerable to command injection. Remote unauthenticated attackers can gain arbitrary command execution with elevated privileges ( root ) on affected devices.
CVSS Score
8.8
EPSS Score
0.474
Published
2025-05-21
CVE-2025-32709
Known exploited
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.008
Published
2025-05-13
CVE-2025-32706
Known exploited
Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.013
Published
2025-05-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved