Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - Known exploited
CVE-2025-43200
Known exploited
This issue was addressed with improved checks. This issue is fixed in watchOS 11.3.1, macOS Ventura 13.7.4, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iPadOS 17.7.5, visionOS 2.3.1, macOS Sequoia 15.3.1, iOS 18.3.1 and iPadOS 18.3.1, macOS Sonoma 14.7.4. A logic issue existed when processing a maliciously crafted photo or video shared via an iCloud Link. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
CVSS Score
4.8
EPSS Score
0.006
Published
2025-06-16
CVE-2025-33053
Known exploited
External control of file name or path in Internet Shortcut Files allows an unauthorized attacker to execute code over a network.
CVSS Score
8.8
EPSS Score
0.165
Published
2025-06-10
CVE-2025-21479
Known exploited
Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.
CVSS Score
8.6
EPSS Score
0.028
Published
2025-06-03
CVE-2025-27038
Known exploited
Memory corruption while rendering graphics using Adreno GPU drivers in Chrome.
CVSS Score
7.5
EPSS Score
0.028
Published
2025-06-03
CVE-2025-21480
Known exploited
Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.
CVSS Score
8.6
EPSS Score
0.028
Published
2025-06-03
CVE-2025-5419
Known exploited
Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVSS Score
8.8
EPSS Score
0.006
Published
2025-06-03
CVE-2025-32709
Known exploited
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.042
Published
2025-05-13
CVE-2025-32706
Known exploited
Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.137
Published
2025-05-13
CVE-2025-30397
Known exploited
Access of resource using incompatible type ('type confusion') in Microsoft Scripting Engine allows an unauthorized attacker to execute code over a network.
CVSS Score
7.5
EPSS Score
0.128
Published
2025-05-13
CVE-2025-30400
Known exploited
Use after free in Windows DWM allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.037
Published
2025-05-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved