Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In April 2025
CVE-2025-23251
NVIDIA NeMo Framework contains a vulnerability where a user could cause an improper control of generation of code by remote code execution. A successful exploit of this vulnerability might lead to code execution and data tampering.
CVSS Score
7.6
EPSS Score
0.005
Published
2025-04-22
CVE-2025-28024
TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in the cstecgi.cgi
CVSS Score
9.8
EPSS Score
0.004
Published
2025-04-22
CVE-2025-29547
In Rollback Rx Professional 12.8.0.0, the driver file shieldm.sys allows local users to cause a denial of service because of a null pointer dereference from IOCtl 0x96202000.
CVSS Score
7.0
EPSS Score
0.002
Published
2025-04-22
CVE-2025-1950
IBM Hardware Management Console - Power Systems V10.2.1030.0 and V10.3.1050.0 could allow a local user to execute commands locally due to improper validation of libraries of an untrusted source.
CVSS Score
9.3
EPSS Score
0.0
Published
2025-04-22
CVE-2025-1951
IBM Hardware Management Console - Power Systems V10.2.1030.0 and V10.3.1050.0 could allow a local user to execute commands as a privileged user due to execution of commands with unnecessary privileges.
CVSS Score
8.4
EPSS Score
0.0
Published
2025-04-22
CVE-2025-28032
TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 contain a pre-auth buffer overflow vulnerability in the setNoticeCfg function through the IpForm parameter.
CVSS Score
7.3
EPSS Score
0.003
Published
2025-04-22
CVE-2025-28033
TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth buffer overflow vulnerability in the setNoticeCfg function through the IpTo parameter.
CVSS Score
7.3
EPSS Score
0.003
Published
2025-04-22
CVE-2025-28034
TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth remote command execution vulnerability in the NTPSyncWithHost function through the hostTime parameter.
CVSS Score
9.8
EPSS Score
0.064
Published
2025-04-22
CVE-2024-40445
A directory traversal vulnerability in forkosh Mime TeX before version 1.77 allows attackers on Windows systems to read or append arbitrary files by manipulating crafted input paths.
CVSS Score
7.3
EPSS Score
0.001
Published
2025-04-22
CVE-2024-40446
An issue in forkosh Mime Tex before v.1.77 allows an attacker to execute arbitrary code via a crafted script
CVSS Score
9.8
EPSS Score
0.002
Published
2025-04-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved