Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In July 2025
CVE-2025-7186
A vulnerability was found in code-projects Chat System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /user/fetch_chat.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
2.1
EPSS Score
0.002
Published
2025-07-08
CVE-2025-49756
Use of a broken or risky cryptographic algorithm in Office Developer Platform allows an authorized attacker to bypass a security feature locally.
CVSS Score
3.3
EPSS Score
0.001
Published
2025-07-08
CVE-2025-49760
External control of file name or path in Windows Storage allows an authorized attacker to perform spoofing over a network.
CVSS Score
3.5
EPSS Score
0.01
Published
2025-07-08
CVE-2025-53512
The /log endpoint on a Juju controller lacked sufficient authorization checks, allowing unauthorized users to access debug messages that could contain sensitive information.
CVSS Score
6.5
EPSS Score
0.002
Published
2025-07-08
CVE-2025-53513
The /charms endpoint on a Juju controller lacked sufficient authorization checks, allowing any user with an account on the controller to upload a charm. Uploading a malicious charm that exploits a Zip Slip vulnerability could allow an attacker to gain access to a machine running a unit through the affected charm.
CVSS Score
8.8
EPSS Score
0.005
Published
2025-07-08
CVE-2025-49740
Protection mechanism failure in Windows SmartScreen allows an unauthorized attacker to bypass a security feature over a network.
CVSS Score
8.8
EPSS Score
0.01
Published
2025-07-08
CVE-2025-49742
Integer overflow or wraparound in Microsoft Graphics Component allows an authorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.009
Published
2025-07-08
CVE-2025-49744
Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.022
Published
2025-07-08
CVE-2025-49753
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVSS Score
8.8
EPSS Score
0.006
Published
2025-07-08
CVE-2025-49733
Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.006
Published
2025-07-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved