Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-30001
Incorrect Execution-Assigned Permissions vulnerability in Apache StreamPark. This issue affects Apache StreamPark: from 2.1.4 before 2.1.6. Users are recommended to upgrade to version 2.1.6, which fixes the issue.
CVSS Score
7.3
EPSS Score
0.001
Published
2025-10-10
CVE-2025-25017
Improper Neutralization of Input During Web Page Generation in Kibana can lead to Cross-Site Scripting (XSS)
CVSS Score
8.2
EPSS Score
0.0
Published
2025-10-10
CVE-2025-40640
Stored Cross-Site Scripting (XSS) vulnerability in Energy CRM v2025 by Status Tracker Ltd, consisting of a stored XSS due to lack of proper validation of user input by sending a POST request to “/crm/create_invoice_submit.php”, using the “customerName_0” parameter. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and steal their cookie session details.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-10-10
CVE-2025-21067
Out-of-bounds read in the allocation of image buffer in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.
CVSS Score
4.0
EPSS Score
0.0
Published
2025-10-10
CVE-2025-21068
Out-of-bounds read in the reading of image data in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.
CVSS Score
4.0
EPSS Score
0.0
Published
2025-10-10
CVE-2025-21069
Out-of-bounds read in the parsing of image data in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.
CVSS Score
4.0
EPSS Score
0.0
Published
2025-10-10
CVE-2025-21070
Out-of-bounds write in the SPI decoder in Samsung Notes prior to version 4.4.30.63 allows local attackers to write out-of-bounds memory.
CVSS Score
4.0
EPSS Score
0.0
Published
2025-10-10
CVE-2025-21061
Cleartext storage of sensitive information in Smart Switch prior to version 3.7.67.2 allows local attackers to access sensitive data. User interaction is required for triggering this vulnerability.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-10-10
CVE-2025-21062
Use of a broken or risky cryptographic algorithm in Smart Switch prior to version 3.7.67.2 allows local attackers to replace the restoring application. User interaction is required for triggering this vulnerability.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-10-10
CVE-2025-21064
Improper authentication in Smart Switch prior to version 3.7.66.6 allows adjacent attackers to access transferring data.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-10-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved