Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-50952
openjpeg v 2.5.0 was discovered to contain a NULL pointer dereference via the component /openjp2/dwt.c.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-08-07
CVE-2024-52680
EyouCMS 1.6.7 is vulnerable to Cross Site Scripting (XSS) in /login.php?m=admin&c=System&a=web&lang=cn.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-08-07
CVE-2025-8576
Use after free in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium)
CVSS Score
8.8
EPSS Score
0.001
Published
2025-08-07
CVE-2025-8577
Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVSS Score
4.3
EPSS Score
0.0
Published
2025-08-07
CVE-2025-8578
Use after free in Cast in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVSS Score
8.8
EPSS Score
0.001
Published
2025-08-07
CVE-2025-8579
Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVSS Score
4.3
EPSS Score
0.0
Published
2025-08-07
CVE-2025-8580
Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVSS Score
4.3
EPSS Score
0.0
Published
2025-08-07
CVE-2025-8581
Inappropriate implementation in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
CVSS Score
4.3
EPSS Score
0.0
Published
2025-08-07
CVE-2025-8582
Insufficient validation of untrusted input in Core in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low)
CVSS Score
4.3
EPSS Score
0.001
Published
2025-08-07
CVE-2025-8583
Inappropriate implementation in Permissions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVSS Score
4.3
EPSS Score
0.0
Published
2025-08-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved