Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-65237
A reflected cross-site scripted (XSS) vulnerability in OpenCode Systems USSD Gateway OC Release: 5 allows attackers to execute arbitrary JavaScript in the context of a user's browser via injecting a crafted payload.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-11-26
CVE-2025-65238
Incorrect access control in the getSubUsersByProvider function of OpenCode Systems USSD Gateway OC Release: 5 Version 6.13.11 allows attackers with low-level privileges to dump user records and access sensitive information.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-11-26
CVE-2025-65239
Incorrect access control in the /aux1/ocussd/trace endpoint of OpenCode Systems USSD Gateway OC Release:5, version 6.13.11 allows attackers with low-level privileges to read server logs.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-11-26
CVE-2025-63938
Tinyproxy through 1.11.2 contains an integer overflow vulnerability in the strip_return_port() function within src/reqs.c.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-11-26
CVE-2025-65235
OpenCode Systems USSD Gateway OC Release: 5 Version 6.13.11 was discovered to contain a SQL injection vulnerability via the ID parameter in the getSubUsersByProvider function.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-11-26
CVE-2025-46175
Ruoyi v4.8.0 is vulnerable to Incorrect Access Control. There is a missing checkUserDataScope permission check in the authRole method of SysUserController.java.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-11-26
CVE-2025-50402
FAST FAC1200R F400_FAC1200R_Q is vulnerable to Buffer Overflow in the function sub_80435780 via the parameter string fac_password.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-11-26
CVE-2025-56396
An issue was discovered in Ruoyi 4.8.1 allowing attackers to gain escalated privileges due to the owning department having higher rights than the active user.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-11-26
CVE-2025-46174
Ruoyi v4.8.0 vulnerable to Incorrect Access Control. There is a missing checkUserDataScope permission check in the resetPwd Method of SysUserController.java.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-11-26
CVE-2025-50399
FAST FAC1200R F400_FAC1200R_Q is vulnerable to Buffer Overflow in the function sub_80435780 via the parameter password.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-11-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved