Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In April 2025
CVE-2025-43015
In JetBrains RubyMine before 2025.1 remote Interpreter overwrote ports to listen on all interfaces
CVSS Score
8.3
EPSS Score
0.0
Published
2025-04-17
CVE-2025-42921
In JetBrains Toolbox App before 2.6 host key verification was missing in SSH plugin
CVSS Score
4.2
EPSS Score
0.0
Published
2025-04-17
CVE-2025-43013
In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication was possible
CVSS Score
6.9
EPSS Score
0.0
Published
2025-04-17
CVE-2025-32526
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dylan James Zephyr Project Manager allows Reflected XSS. This issue affects Zephyr Project Manager: from n/a through 3.3.101.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-04-17
CVE-2025-29042
An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the macaddr key value to the function 0x42232c
CVSS Score
9.8
EPSS Score
0.008
Published
2025-04-17
CVE-2025-29043
An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the function 0x417234
CVSS Score
9.8
EPSS Score
0.008
Published
2025-04-17
CVE-2025-25457
Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via cloneType2.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-04-17
CVE-2025-24577
Missing Authorization vulnerability in Ays Pro Poll Maker allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Poll Maker: from n/a through 5.5.0.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-04-17
CVE-2024-55238
OpenMetadata <=1.4.1 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the WorkflowDAO interface. The workflowtype and status parameters can be used to build a SQL query.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-04-17
CVE-2024-56518
Hazelcast Management Center through 6.0 allows remote code execution via a JndiLoginModule user.provider.url in a hazelcast-client XML document (aka a client configuration file), which can be uploaded at the /cluster-connections URI.
CVSS Score
9.8
EPSS Score
0.004
Published
2025-04-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved