Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2025
CVE-2025-48754
In the memory_pages crate 0.1.0 for Rust, division by zero can occur.
CVSS Score
2.9
EPSS Score
0.002
Published
2025-05-24
CVE-2025-48755
In the spiral-rs crate 0.2.0 for Rust, allocation can be attempted for a ZST (zero-sized type).
CVSS Score
2.9
EPSS Score
0.002
Published
2025-05-24
CVE-2025-48756
In group_number in the scsir crate 0.2.0 for Rust, there can be an overflow because a hardware device may expect a small number of bits (e.g., 5 bits) for group number.
CVSS Score
2.9
EPSS Score
0.002
Published
2025-05-24
CVE-2025-48751
The process_lock crate 0.1.0 for Rust allows data races in unlock.
CVSS Score
2.9
EPSS Score
0.002
Published
2025-05-24
CVE-2025-48752
In the process-sync crate 0.2.2 for Rust, the drop function lacks a check for whether the pthread_mutex is unlocked.
CVSS Score
2.9
EPSS Score
0.002
Published
2025-05-24
CVE-2025-48753
In the anode crate 0.1.0 for Rust, data races can occur in unlock in SpinLock.
CVSS Score
2.9
EPSS Score
0.002
Published
2025-05-24
CVE-2025-5119
A vulnerability has been found in Emlog Pro 2.5.11 and classified as critical. This vulnerability affects unknown code of the file /include/controller/api_controller.php. The manipulation of the argument tag leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure and confirmed the existence of the vulnerability.
CVSS Score
6.9
EPSS Score
0.002
Published
2025-05-23
CVE-2025-44998
A stored cross-site scripting (XSS) vulnerability in the component /tinyfilemanager.php of TinyFileManager v2.4.7 allows attackers to execute arbitrary JavaScript or HTML via injecting a crafted payload into the js-theme-3 parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2025-05-23
CVE-2025-46176
Hardcoded credentials in the Telnet service in D-Link DIR-605L v2.13B01 and DIR-816L v2.06B01 allow attackers to remotely execute arbitrary commands via firmware analysis.
CVSS Score
6.5
EPSS Score
0.004
Published
2025-05-23
CVE-2024-51102
PHPGURUKUL Student Management System using PHP and MySQL v1 was discovered to contain multiple SQL injection vulnerabilities at /studentrecordms/login.php via the username and password parameters.
CVSS Score
4.4
EPSS Score
0.001
Published
2025-05-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved