Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-10918
Insecure default permissions in the agent of Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to write arbitrary files anywhere on disk
CVSS Score
7.1
EPSS Score
0.0
Published
2025-11-11
CVE-2025-13012
Race condition in the Graphics component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-11-11
CVE-2025-13013
Mitigation bypass in the DOM: Core & HTML component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.
CVSS Score
6.1
EPSS Score
0.001
Published
2025-11-11
CVE-2025-13014
Use-after-free in the Audio/Video component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-11-11
CVE-2025-13015
Spoofing issue in Firefox. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.
CVSS Score
3.4
EPSS Score
0.001
Published
2025-11-11
CVE-2025-13016
Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-11-11
CVE-2025-13017
Same-origin policy bypass in the DOM: Notifications component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.
CVSS Score
8.1
EPSS Score
0.0
Published
2025-11-11
CVE-2025-13018
Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.
CVSS Score
8.1
EPSS Score
0.0
Published
2025-11-11
CVE-2024-57695
An issue in Agnitum Outpost Security Suite 7.5.3 (3942.608.1810) and 7.6 (3984.693.1842) allows a local attacker to execute arbitrary code via the lock function. The manufacturer fixed the vulnerability in version 8.0 (4164.652.1856) from December 17, 2012.
CVSS Score
7.7
EPSS Score
0.0
Published
2025-11-11
CVE-2025-41106
HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'first_name' in '/clients/save_contact/'.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-11-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved