Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-10918
Insecure default permissions in the agent of Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to write arbitrary files anywhere on disk
CVSS Score
7.1
EPSS Score
0.0
Published
2025-11-11
CVE-2025-13012
Race condition in the Graphics component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-11-11
CVE-2025-13013
Mitigation bypass in the DOM: Core & HTML component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.
CVSS Score
6.1
EPSS Score
0.001
Published
2025-11-11
CVE-2025-13014
Use-after-free in the Audio/Video component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-11-11
CVE-2025-13015
Spoofing issue in Firefox. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.
CVSS Score
3.4
EPSS Score
0.001
Published
2025-11-11
CVE-2025-13016
Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-11-11
CVE-2025-13017
Same-origin policy bypass in the DOM: Notifications component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.
CVSS Score
8.1
EPSS Score
0.0
Published
2025-11-11
CVE-2025-13018
Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.
CVSS Score
8.1
EPSS Score
0.0
Published
2025-11-11
CVE-2025-41106
HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'first_name' in '/clients/save_contact/'.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-11-11
CVE-2025-41103
HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'reply_message' in '/messages/reply'.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-11-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved