Shodan
Vulnerabilities
Vulnerable Software
Microsoft:  Security Vulnerabilities
CVE-2022-39163
IBM Cognos Controller 11.0.0 through 11.1.0 is vulnerable to a Client-Side Desync (CSD) attack where an attacker could exploit a desynchronized browser connection that could lead to further cross-site scripting (XSS) attacks.
CVSS Score
4.7
EPSS Score
0.002
Published
2025-03-26
CVE-2025-29806
No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
CVSS Score
6.5
EPSS Score
0.018
Published
2025-03-23
CVE-2025-29795
Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.007
Published
2025-03-23
CVE-2025-29807
Deserialization of untrusted data in Microsoft Dataverse allows an authorized attacker to execute code over a network.
CVSS Score
8.7
EPSS Score
0.013
Published
2025-03-21
CVE-2025-29814
Improper authorization in Microsoft Partner Center allows an authorized attacker to elevate privileges over a network.
CVSS Score
9.3
EPSS Score
0.189
Published
2025-03-21
CVE-2024-8196
In mintplex-labs/anything-llm v1.5.11 desktop version for Windows, the application opens server port 3001 on 0.0.0.0 with no authentication by default. This vulnerability allows an attacker to gain full backend access, enabling them to perform actions such as deleting all data from the workspace.
CVSS Score
9.8
EPSS Score
0.002
Published
2025-03-20
CVE-2024-51459
IBM InfoSphere Information Server 11.7 could allow a local user to execute privileged commands due to the improper handling of permissions.
CVSS Score
8.4
EPSS Score
0.0
Published
2025-03-19
CVE-2025-24053
Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.
CVSS Score
7.2
EPSS Score
0.004
Published
2025-03-13
CVE-2025-23360
NVIDIA Nemo Framework contains a vulnerability where a user could cause a relative path traversal issue by arbitrary file write. A successful exploit of this vulnerability may lead to code execution and data tampering.
CVSS Score
7.1
EPSS Score
0.002
Published
2025-03-11
CVE-2025-27177
InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-03-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved