Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-12440
Inappropriate implementation in Autofill in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Low)
CVSS Score
5.3
EPSS Score
0.0
Published
2025-11-10
CVE-2025-12441
Out of bounds read in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)
CVSS Score
4.3
EPSS Score
0.0
Published
2025-11-10
CVE-2025-12430
Object lifecycle issue in Media in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: High)
CVSS Score
7.5
EPSS Score
0.0
Published
2025-11-10
CVE-2025-12431
Inappropriate implementation in Extensions in Google Chrome prior to 142.0.7444.59 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: High)
CVSS Score
6.5
EPSS Score
0.0
Published
2025-11-10
CVE-2025-12432
Race in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVSS Score
8.8
EPSS Score
0.001
Published
2025-11-10
CVE-2025-12433
Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
CVSS Score
4.3
EPSS Score
0.0
Published
2025-11-10
CVE-2025-12429
Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
CVSS Score
8.8
EPSS Score
0.001
Published
2025-11-10
CVE-2025-12428
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
CVSS Score
8.8
EPSS Score
0.001
Published
2025-11-10
CVE-2025-47286
Combodo iTop is a web based IT service management tool. In versions prior to 2.7.13 and 3.2.2, an administrator can, by editing the configuration of the iTop instance, execute code on the server. Versions 2.7.13 and 3.2.2 escape and check the config parameter before executing a command based on it.
CVSS Score
7.2
EPSS Score
0.001
Published
2025-11-10
CVE-2025-47773
Combodo iTop is a web based IT service management tool. Versions prior to 2.7.13 and 3.2.2 are vulnerable to cross-site scripting when a dashboard is edited via an AJAX call. Versions 2.7.13 and 3.2.2 protect rendered HTML content.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-11-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved