Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-40602
Known exploited
A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console (AMC).
CVSS Score
6.6
EPSS Score
0.003
Published
2025-12-18
CVE-2025-64997
Insufficient permission validation in Checkmk versions prior to 2.4.0p17 and 2.3.0p42 allow low-privileged users to view agent information via the REST API, which could lead to information disclosure.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-12-18
CVE-2025-14874
A flaw was found in Nodemailer. This vulnerability allows a denial of service (DoS) via a crafted email address header that triggers infinite recursion in the address parser.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-12-18
CVE-2025-64217
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Photography photography allows Reflected XSS.This issue affects Photography: from n/a through <= 7.7.2.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-12-18
CVE-2025-60089
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms FreshDesk Plugin gf-freshdesk allows Object Injection.This issue affects WP Gravity Forms FreshDesk Plugin: from n/a through <= 1.3.5.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-12-18
CVE-2025-60090
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Insightly gf-insightly allows Object Injection.This issue affects WP Gravity Forms Insightly: from n/a through <= 1.1.6.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-12-18
CVE-2025-60091
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Zoho CRM and Bigin gf-zoho allows Object Injection.This issue affects WP Gravity Forms Zoho CRM and Bigin: from n/a through <= 1.2.9.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-12-18
CVE-2025-60174
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Constant Contact Plugin gf-constant-contact allows Object Injection.This issue affects WP Gravity Forms Constant Contact Plugin: from n/a through <= 1.1.2.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-12-18
CVE-2025-60178
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms HubSpot gf-hubspot allows Object Injection.This issue affects WP Gravity Forms HubSpot: from n/a through <= 1.2.6.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-12-18
CVE-2025-60180
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Salesforce gf-salesforce-crmperks allows Object Injection.This issue affects WP Gravity Forms Salesforce: from n/a through <= 1.5.1.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-12-18


Products
Pricing
Contact Us

Shodan ® - All rights reserved