Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2025
CVE-2025-24046
Use after free in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-03-11
CVE-2025-24048
Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2025-03-11
CVE-2025-24049
Improper neutralization of special elements used in a command ('command injection') in Azure Command Line Integration (CLI) allows an unauthorized attacker to elevate privileges locally.
CVSS Score
8.4
EPSS Score
0.001
Published
2025-03-11
CVE-2025-24035
Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.
CVSS Score
8.1
EPSS Score
0.003
Published
2025-03-11
CVE-2025-24043
Improper verification of cryptographic signature in .NET allows an authorized attacker to execute code over a network.
CVSS Score
7.5
EPSS Score
0.002
Published
2025-03-11
CVE-2025-21247
Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.
CVSS Score
4.3
EPSS Score
0.002
Published
2025-03-11
CVE-2025-21199
Improper privilege management in Azure Agent Installer allows an authorized attacker to elevate privileges locally.
CVSS Score
6.7
EPSS Score
0.001
Published
2025-03-11
CVE-2025-21169
Substance3D - Designer versions 14.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-03-11
CVE-2025-21180
Heap-based buffer overflow in Windows exFAT File System allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.002
Published
2025-03-11
CVE-2024-56338
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Score
4.8
EPSS Score
0.0
Published
2025-03-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved