Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-54897
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVSS Score
8.8
EPSS Score
0.014
Published
2025-09-09
CVE-2025-54898
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-09-09
CVE-2025-54899
Free of memory not on the heap in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-09-09
CVE-2025-54251
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an XML Injection vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to manipulate XML queries and gain limited unauthorized write access.
CVSS Score
4.3
EPSS Score
0.099
Published
2025-09-09
CVE-2025-54252
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. This could result in bypassing security features within the application. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-09-09
CVE-2025-54261
ColdFusion versions 2025.3, 2023.15, 2021.21 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary code execution by an attacker. The victim must have optional configurations enabled. Scope is changed.
CVSS Score
10.0
EPSS Score
0.012
Published
2025-09-09
CVE-2025-54894
Local Security Authority Subsystem Service Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.0
Published
2025-09-09
CVE-2025-54247
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-09-09
CVE-2025-54248
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Scope is changed
CVSS Score
7.7
EPSS Score
0.001
Published
2025-09-09
CVE-2025-54249
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to manipulate server-side requests and bypass security controls allowing unauthorized read access.
CVSS Score
6.5
EPSS Score
0.084
Published
2025-09-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved