Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-10497
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an unauthenticated attacker to cause a denial of service condition by sending specially crafted payloads.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-10-27
CVE-2025-62723
FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.23.2, any authenticated user can create sessions and have them collect QoS messages. When not sent to a client, these are then not released upon (eventual) session expiration. Version 1.23.2 fixes the issue.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-10-24
CVE-2025-62717
Emlog is an open source website building system. In version 2.5.23, Emlog Pro is vulnerable to a session verification code error due to a clearing logic error. This means the verification code could be reused anywhere an email verification code is required. This issue has been fixed in commit 1f726df.
CVSS Score
9.1
EPSS Score
0.0
Published
2025-10-24
CVE-2025-60954
Microweber CMS 2.0 has Weak Password Requirements. The application does not enforce minimum password length or complexity during password resets. Users can set extremely weak passwords, including single-character passwords, which can lead to account compromise, including administrative accounts.
CVSS Score
8.3
EPSS Score
0.0
Published
2025-10-24
CVE-2025-60731
PerfreeBlog v4.0.11 has a File Upload vulnerability in the installTheme function
CVSS Score
7.6
EPSS Score
0.0
Published
2025-10-24
CVE-2025-60735
PerfreeBlog v4.0.11 has a File Upload vulnerability in the installPlugin function
CVSS Score
7.6
EPSS Score
0.0
Published
2025-10-24
CVE-2025-60729
PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the validThemeFilePath function
CVSS Score
5.3
EPSS Score
0.0
Published
2025-10-24
CVE-2025-60730
PerfreeBlog v4.0.11 has an arbitrary file deletion vulnerability in the unInstallTheme function
CVSS Score
7.6
EPSS Score
0.0
Published
2025-10-24
CVE-2025-60566
D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetMACFilter.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-10-24
CVE-2025-60565
D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSchedule.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-10-24


Products
Pricing
Contact Us

Shodan ® - All rights reserved