Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-8459
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (Monitoring recurrent downtime scheduler modules) allows Stored XSS.This issue affects Infra Monitoring: from 24.10.0 before 24.10.13, from 24.04.0 before 24.04.18, from 23.10.0 before 23.10.28.
CVSS Score
7.7
EPSS Score
0.0
Published
2025-10-14
CVE-2025-11736
A flaw has been found in itsourcecode Online Examination System 1.0. Affected by this issue is some unknown functionality of the file /index.php. This manipulation of the argument Username causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-10-14
CVE-2025-59502
Uncontrolled resource consumption in Windows Remote Procedure Call allows an unauthorized attacker to deny service over a network.
CVSS Score
7.5
EPSS Score
0.017
Published
2025-10-14
CVE-2025-8430
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (Commands Connectors configuration modules) allows Stored XSS by users with elevated privileges. This issue affects Infra Monitoring: from 24.10.0 before 24.10.13, from 24.04.0 before 24.04.18, from 23.10.0 before 23.10.28.
CVSS Score
6.8
EPSS Score
0.0
Published
2025-10-14
CVE-2025-59494
Improper access control in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-10-14
CVE-2025-59497
Time-of-check time-of-use (toctou) race condition in Microsoft Defender for Linux allows an authorized attacker to deny service locally.
CVSS Score
7.0
EPSS Score
0.0
Published
2025-10-14
CVE-2025-59289
Double free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.0
Published
2025-10-14
CVE-2025-59290
Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-10-14
CVE-2025-59291
External control of file name or path in Confidential Azure Container Instances allows an authorized attacker to elevate privileges locally.
CVSS Score
8.2
EPSS Score
0.001
Published
2025-10-14
CVE-2025-59292
External control of file name or path in Confidential Azure Container Instances allows an authorized attacker to elevate privileges locally.
CVSS Score
8.2
EPSS Score
0.001
Published
2025-10-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved