Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2025
CVE-2025-30665
NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-05-14
CVE-2025-30666
NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-05-14
CVE-2025-47708
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Cross Site Request Forgery.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-05-14
CVE-2025-47709
Missing Authorization vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Forceful Browsing.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-05-14
CVE-2025-47710
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Authentication Bypass.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0.
CVSS Score
7.4
EPSS Score
0.001
Published
2025-05-14
CVE-2025-44184
SourceCodester Best Employee Management System V1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/profile.php via the website_image, fname, lname, contact, username, and address parameters.
CVSS Score
4.8
EPSS Score
0.0
Published
2025-05-14
CVE-2025-44186
SourceCodester Best Employee Management System 1.0 is vulnerable to Cross Site Request Forgery (CSRF) in /admin/Operation/User.php page.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-05-14
CVE-2025-47701
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Restrict route by IP allows Cross Site Request Forgery.This issue affects Restrict route by IP: from 0.0.0 before 1.3.0.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-05-14
CVE-2025-47702
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal oEmbed Providers allows Cross-Site Scripting (XSS).This issue affects oEmbed Providers: from 0.0.0 before 2.2.2.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-05-14
CVE-2025-47703
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal COOKiES Consent Management allows Cross-Site Scripting (XSS).This issue affects COOKiES Consent Management: from 0.0.0 before 1.2.14.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-05-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved