Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-22170
Jira Align is vulnerable to an authorization issue. A low-privilege user without sufficient privileges to perform an action could if they included a particular state-related parameter of a user with sufficient privileges to perform the action.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-10-22
CVE-2025-22171
Jira Align is vulnerable to an authorization issue. A low-privilege user is able to alter the private checklists of other users.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-10-22
CVE-2025-22172
Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to read external reports without the required permission.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-10-22
CVE-2025-22173
Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to view certain sprint data without the required permission.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-10-22
CVE-2025-22174
Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to view portfolio rooms without the required permission.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-10-22
CVE-2025-22175
Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to modify the steps of another user's private checklist.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-10-22
CVE-2025-11957
Improper authorization in the temporary access workflow of Devolutions Server 2025.2.12.0 and earlier allows an authenticated basic user to self-approve or approve the temporary access requests of other users and gain unauthorized access to vaults and entries via crafted API requests.
CVSS Score
8.4
EPSS Score
0.001
Published
2025-10-22
CVE-2025-11958
An improper input validation in the Security Dashboard ignored-tasks API of Devolutions Server 2025.2.15.0 and earlier allows an authenticated user to cause a denial of service to the Security Dashboard via a crafted request.
CVSS Score
4.1
EPSS Score
0.001
Published
2025-10-22
CVE-2025-60335
A NULL pointer dereference in the main function of TOTOLINK N600R v4.3.0cu.7866_B20220506 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
CVSS Score
7.5
EPSS Score
0.009
Published
2025-10-22
CVE-2025-60338
Tenda AC6 V2.0 15.03.06.50 was discovered to contain a stack overflow in the page parameter in the DhcpListClient function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-10-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved