Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-41443
Mattermost versions 10.5.x <= 10.5.12, 10.11.x <= 10.11.2 fail to properly validate guest user permissions when accessing channel information which allows guest users to discover active public channels and their metadata via the `/api/v4/teams/{team_id}/channels/ids` endpoint
CVSS Score
4.3
EPSS Score
0.0
Published
2025-10-16
CVE-2025-41018
SQL injection in Sergestec's Exito v8.0. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'cat' parameter in '/public.php'.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-10-16
CVE-2025-55084
In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check in_nx_secure_tls_proc_clienthello_supported_versions_extension() in the extension version field.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-10-16
CVE-2025-55090
In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ipv4_packet_receive() function when received an Ethernet frame with less than 4 bytes of IP packet.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-10-16
CVE-2025-62583
Whale Browser before 4.33.325.17 allows an attacker to escape the iframe sandbox in a dual-tab environment.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-10-16
CVE-2025-62584
Whale browser before 4.33.325.17 allows an attacker to bypass the Same-Origin Policy in a dual-tab environment.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-10-16
CVE-2025-62585
Whale browser before 4.33.325.17 allows an attacker to bypass the Content Security Policy via a specific scheme in a dual-tab environment.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-10-16
CVE-2025-0275
HCL BigFix Mobile 3.3 and earlier is affected by improper access control. Unauthorized users can access a small subset of endpoint actions, potentially allowing access to select internal functions.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-10-16
CVE-2025-0274
HCL BigFix Modern Client Management (MCM) 3.3 and earlier is affected by improper access control. Unauthorized users can access a small subset of endpoint actions, potentially allowing access to select internal functions.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-10-16
CVE-2025-62580
ASDA-Soft Stack-based Buffer Overflow Vulnerability
CVSS Score
7.8
EPSS Score
0.0
Published
2025-10-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved