Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-2634
Out of bounds read vulnerability due to improper bounds checking in NI LabVIEW in fontmgr may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-07-23
CVE-2025-40596
A Stack-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution.
CVSS Score
7.3
EPSS Score
0.001
Published
2025-07-23
CVE-2025-40597
A Heap-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-07-23
CVE-2025-40598
A Reflected cross-site scripting (XSS) vulnerability exists in the SMA100 series web interface, allowing a remote unauthenticated attacker to potentially execute arbitrary JavaScript code.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-07-23
CVE-2025-33020
IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 transmits sensitive information without encryption that could allow an attacker to obtain highly sensitive information.
CVSS Score
5.9
EPSS Score
0.0
Published
2025-07-23
CVE-2025-33076
IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-07-23
CVE-2025-33077
IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-07-23
CVE-2025-36116
IBM Db2 Mirror for i 7.4, 7.5, and 7.6 GUI is affected by cross-site WebSocket hijacking vulnerability. By sending a specially crafted request, an unauthenticated malicious actor could exploit this vulnerability to sniff an existing WebSocket connection to then remotely perform operations that the user is not allowed to perform.
CVSS Score
6.3
EPSS Score
0.0
Published
2025-07-23
CVE-2025-36117
IBM Db2 Mirror for i 7.4, 7.5, and 7.6 does not disallow the session id after use which could allow an authenticated user to impersonate another user on the system.
CVSS Score
6.3
EPSS Score
0.0
Published
2025-07-23
CVE-2025-54090
A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true". Users are recommended to upgrade to version 2.4.65, which fixes the issue.
CVSS Score
6.3
EPSS Score
0.001
Published
2025-07-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved