Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-66921
A Cross-site scripting (XSS) vulnerability in Create/Update Item(s) Module in Open Source Point of Sale v3.4.1 allows remote attackers to inject arbitrary web script or HTML via the "name" parameter.
CVSS Score
7.2
EPSS Score
0.001
Published
2025-12-17
CVE-2025-20393
Known exploited
Cisco is aware of a potential vulnerability.  Cisco is currently investigating and will update these details as appropriate as more information becomes available.
CVSS Score
10.0
EPSS Score
0.04
Published
2025-12-17
CVE-2025-59374
Known exploited
"UNSUPPORTED WHEN ASSIGNED" Certain versions of the ASUS Live Update client were distributed with unauthorized modifications introduced through a supply chain compromise. The modified builds could cause devices meeting specific targeting conditions to perform unintended actions. Only devices that met these conditions and installed the compromised versions were affected. The Live Update client has already reached End-of-Support (EOS) in October 2021, and no currently supported devices or products are affected by this issue.
CVSS Score
9.8
EPSS Score
0.56
Published
2025-12-17
CVE-2025-14765
Use after free in WebGPU in Google Chrome prior to 143.0.7499.147 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVSS Score
8.8
EPSS Score
0.001
Published
2025-12-16
CVE-2025-68164
In JetBrains TeamCity before 2025.11 port enumeration was possible via the Perforce connection test
CVSS Score
2.7
EPSS Score
0.0
Published
2025-12-16
CVE-2025-68165
In JetBrains TeamCity before 2025.11 reflected XSS was possible on VCS Root setup
CVSS Score
5.4
EPSS Score
0.0
Published
2025-12-16
CVE-2025-68166
In JetBrains TeamCity before 2025.11 a DOM-based XSS was possible on the OAuth connections tab
CVSS Score
5.4
EPSS Score
0.0
Published
2025-12-16
CVE-2025-68267
In JetBrains TeamCity before 2025.11.1 excessive privileges were possible due to storing GitHub personal access token instead of an installation token
CVSS Score
6.5
EPSS Score
0.0
Published
2025-12-16
CVE-2025-68268
In JetBrains TeamCity before 2025.11.1 reflected XSS was possible on the storage settings page
CVSS Score
5.4
EPSS Score
0.0
Published
2025-12-16
CVE-2025-68162
In JetBrains TeamCity before 2025.11 maven embedder allowed loading extensions via project configuration
CVSS Score
2.7
EPSS Score
0.0
Published
2025-12-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved