Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2026-26309
Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, an off-by-one write in Envoy::JsonEscaper::escapeString() can corrupt std::string null-termination, causing undefined behavior and potentially leading to crashes or out-of-bounds reads when the resulting string is later treated as a C-string. This vulnerability is fixed in 1.37.1, 1.36.5, 1.35.8, and 1.34.13.
CVSS Score
5.3
EPSS Score
0.0
Published
2026-03-10
CVE-2026-26123
Cwe is not in rca categories in Microsoft Authenticator allows an unauthorized attacker to disclose information locally.
CVSS Score
5.5
EPSS Score
0.001
Published
2026-03-10
CVE-2025-70249
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWizard2.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-03-10
CVE-2025-70251
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the webPage parameter to goform/formWlanGuestSetup.
CVSS Score
7.5
EPSS Score
0.0
Published
2026-03-10
CVE-2025-36227
IBM Aspera Faspex 5 5.0.0 through 5.0.14.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers.  This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking.
CVSS Score
5.4
EPSS Score
0.0
Published
2026-03-10
CVE-2025-70227
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the nextPage parameter to goform/formLanguageChange.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-03-10
CVE-2025-70242
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the webPage parameter to goform/formSetWanPPTP.
CVSS Score
7.5
EPSS Score
0.0
Published
2026-03-10
CVE-2025-70246
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formVirtualServ.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-03-10
CVE-2025-70247
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWizard1.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-03-10
CVE-2025-13219
IBM Aspera Orchestrator 3.0.0 through 4.1.2 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history.
CVSS Score
5.9
EPSS Score
0.0
Published
2026-03-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved