Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-13018
Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 145 and Firefox ESR < 140.5.
CVSS Score
8.1
EPSS Score
0.0
Published
2025-11-11
CVE-2025-41106
HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'first_name' in '/clients/save_contact/'.
CVSS Score
5.4
EPSS Score
0.001
Published
2025-11-11
CVE-2025-41103
HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'reply_message' in '/messages/reply'.
CVSS Score
5.4
EPSS Score
0.001
Published
2025-11-11
CVE-2025-41104
HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'custom_field_1' in '/estimate_requests/save_estimate_request'.
CVSS Score
5.4
EPSS Score
0.001
Published
2025-11-11
CVE-2025-41105
HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'title' in '/tickets/save'.
CVSS Score
5.4
EPSS Score
0.001
Published
2025-11-11
CVE-2025-41101
HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'title' in'/projects/save'.
CVSS Score
5.4
EPSS Score
0.001
Published
2025-11-11
CVE-2025-41102
HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'title' in '/events/save'.
CVSS Score
5.4
EPSS Score
0.001
Published
2025-11-11
CVE-2017-20210
Photo Station 5.4.1 & 5.2.7 include the security fix for the vulnerability related to the XMR mining programs identified by internal research.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-11-11
CVE-2025-63149
Tenda AX3 V16.03.12.10_CN was discovered to contain a stack overflow in the urls parameter of the get_parentControl_list_Info function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-11-10
CVE-2025-12729
Inappropriate implementation in Omnibox in Google Chrome on Android prior to 142.0.7444.137 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVSS Score
4.2
EPSS Score
0.0
Published
2025-11-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved