Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-64658
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Shell allows an authorized attacker to elevate privileges locally.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-12-09
CVE-2025-64661
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Shell allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-12-09
CVE-2025-64666
Improper input validation in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-12-09
CVE-2025-64085
A NULL pointer dereference vulnerability in the importDataObject() function of PDF-XChange Editor v10.7.3.401 allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-12-09
CVE-2025-64086
A NULL pointer dereference vulnerability in the util.readFileIntoStream component of PDF-XChange Editor v10.7.3.401 allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-12-09
CVE-2025-64153
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiExtender 7.6.0 through 7.6.3, FortiExtender 7.4.0 through 7.4.7, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated attacker to execute unauthorized code or commands via a specific HTTP request.
CVSS Score
7.2
EPSS Score
0.002
Published
2025-12-09
CVE-2025-62569
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.0
Published
2025-12-09
CVE-2025-62570
Improper access control in Windows Camera Frame Server Monitor allows an authorized attacker to disclose information locally.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-12-09
CVE-2025-62571
Improper input validation in Windows Installer allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-12-09
CVE-2025-62572
Out-of-bounds read in Application Information Services allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-12-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved