Shodan
Vulnerabilities
Vulnerable Software
Microsoft:  Security Vulnerabilities
CVE-2025-8011
Type Confusion in V8 in Google Chrome prior to 138.0.7204.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVSS Score
8.8
EPSS Score
0.001
Published
2025-07-22
CVE-2025-8010
Type Confusion in V8 in Google Chrome prior to 138.0.7204.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVSS Score
8.8
EPSS Score
0.001
Published
2025-07-22
CVE-2025-53771
Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.
CVSS Score
6.5
EPSS Score
0.058
Published
2025-07-20
CVE-2025-53770
Known exploited
Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network. Microsoft is aware that an exploit for CVE-2025-53770 exists in the wild. Microsoft is preparing and fully testing a comprehensive update to address this vulnerability. In the meantime, please make sure that the mitigation provided in this CVE documentation is in place so that you are protected from exploitation.
CVSS Score
9.8
EPSS Score
0.87
Published
2025-07-20
CVE-2025-33014
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.4 uses a web link with untrusted references to an external site. A remote attacker could exploit this vulnerability to expose sensitive information or perform unauthorized actions on the victims’ web browser.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-07-18
CVE-2025-53762
Permissive list of allowed inputs in Microsoft Purview allows an authorized attacker to elevate privileges over a network.
CVSS Score
8.7
EPSS Score
0.001
Published
2025-07-18
CVE-2025-49746
Improper authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.
CVSS Score
9.9
EPSS Score
0.001
Published
2025-07-18
CVE-2025-49747
Missing authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.
CVSS Score
9.9
EPSS Score
0.001
Published
2025-07-18
CVE-2025-47995
Weak authentication in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-07-18
CVE-2025-47158
Authentication bypass by assumed-immutable data in Azure DevOps allows an unauthorized attacker to elevate privileges over a network.
CVSS Score
9.0
EPSS Score
0.001
Published
2025-07-18


Products
Pricing
Contact Us

Shodan ® - All rights reserved