Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In July 2025
CVE-2025-7792
A vulnerability was found in Tenda FH451 1.0.0.9. It has been rated as critical. This issue affects the function formSafeEmailFilter of the file /goform/SafeEmailFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
7.4
EPSS Score
0.005
Published
2025-07-18
CVE-2025-7793
A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function formWebTypeLibrary of the file /goform/webtypelibrary. The manipulation of the argument webSiteId leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
7.4
EPSS Score
0.005
Published
2025-07-18
CVE-2025-7794
A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
7.4
EPSS Score
0.005
Published
2025-07-18
CVE-2025-50586
StudentManage v1.0 was discovered to contain Cross-Site Request Forgery (CSRF).
CVSS Score
6.5
EPSS Score
0.0
Published
2025-07-18
CVE-2025-53762
Permissive list of allowed inputs in Microsoft Purview allows an authorized attacker to elevate privileges over a network.
CVSS Score
8.7
EPSS Score
0.008
Published
2025-07-18
CVE-2025-49746
Improper authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.
CVSS Score
9.9
EPSS Score
0.008
Published
2025-07-18
CVE-2025-49747
Missing authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.
CVSS Score
9.9
EPSS Score
0.006
Published
2025-07-18
CVE-2025-47995
Weak authentication in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.
CVSS Score
6.5
EPSS Score
0.014
Published
2025-07-18
CVE-2025-47158
Authentication bypass by assumed-immutable data in Azure DevOps allows an unauthorized attacker to elevate privileges over a network.
CVSS Score
9.0
EPSS Score
0.002
Published
2025-07-18
CVE-2025-45157
Insecure permissions in Splashin iOS v2.0 allow unauthorized attackers to access location data for specific users.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-07-18


Products
Pricing
Contact Us

Shodan ® - All rights reserved