Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2025
CVE-2025-12516
Lack of Graceful Error Handling - HTTP 5xx ErrorThis issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 .
CVSS Score
10.0
EPSS Score
0.001
Published
2025-10-30
CVE-2025-12517
Credits Page not Matching Versions in Use in the FirmwareThis issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 .
CVSS Score
2.1
EPSS Score
0.0
Published
2025-10-30
CVE-2025-36592
Dell Secure Connect Gateway (SCG) Policy Manager, version(s) 5.20. 5.22, 5.24, 5.26, 5.28, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Script injection.
CVSS Score
5.4
EPSS Score
0.001
Published
2025-10-30
CVE-2025-46363
Dell Secure Connect Gateway (SCG) 5.0 Application and Appliance version(s) 5.26.00.00 - 5.30.00.00, contain a Relative Path Traversal vulnerability in the SCG exposed for an internal collection download REST API (if this REST API is enabled by Admin user from UI). A low privileged attacker with remote access could potentially exploit this vulnerability, leading to allowing relative path traversal to restricted resources.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-10-30
CVE-2025-12515
Systemic Internal Server Errors - HTTP 500 ResponseThis issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 .
CVSS Score
10.0
EPSS Score
0.001
Published
2025-10-30
CVE-2025-5342
Zohocorp ManageEngine Exchange Reporter Plus through 5721 are vulnerable to ReDOS vulnerability in the search module.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-10-30
CVE-2025-5343
Zohocorp ManageEngine Exchange Reporter Plus versions through 5721 are vulnerable to Stored Cross Site Scripting in the Instant Search option.
CVSS Score
6.3
EPSS Score
0.0
Published
2025-10-30
CVE-2025-5347
Zohocorp ManageEngine Exchange Reporter Plus versions before 5723 are vulnerable to Stored Cross Site Scripting in the reports module.
CVSS Score
6.3
EPSS Score
0.0
Published
2025-10-30
CVE-2025-43942
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-10-30
CVE-2025-46422
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-10-30


Products
Pricing
Contact Us

Shodan ® - All rights reserved