Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2025
CVE-2025-4658
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication, this vulnerability in OpenPubkey also applies to OPKSSH versions prior to 0.5.0 and would allow an attacker to bypass OPKSSH authentication.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-05-13
CVE-2025-32703
Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclose information locally.
CVSS Score
5.5
EPSS Score
0.001
Published
2025-05-13
CVE-2025-32704
Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVSS Score
8.4
EPSS Score
0.001
Published
2025-05-13
CVE-2025-32705
Out-of-bounds read in Microsoft Office Outlook allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-05-13
CVE-2025-32706
Known exploited
Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.157
Published
2025-05-13
CVE-2025-32707
Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-05-13
CVE-2025-30393
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-05-13
CVE-2025-30394
Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network.
CVSS Score
5.9
EPSS Score
0.001
Published
2025-05-13
CVE-2025-30397
Known exploited
Access of resource using incompatible type ('type confusion') in Microsoft Scripting Engine allows an unauthorized attacker to execute code over a network.
CVSS Score
7.5
EPSS Score
0.195
Published
2025-05-13
CVE-2025-30400
Known exploited
Use after free in Windows DWM allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.037
Published
2025-05-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved