Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-12531
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.
CVSS Score
7.1
EPSS Score
0.001
Published
2025-11-03
CVE-2025-50363
Phpgurukul Maid Hiring Management System 1.0 is vulnerable to Cross Site Scripting (XSS) in /maid-hiring.php va the name field.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-11-03
CVE-2025-36091
IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated user to cause dashboards to become inaccessible to legitimate users due to invalid ownership assignment.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-11-03
CVE-2025-36092
IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated user to cause a denial of service due to the improper validation of input length.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-11-03
CVE-2025-36093
IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an attacker to access unauthorized content or perform unauthorized actions using man in the middle techniques due to improper access controls.
CVSS Score
4.8
EPSS Score
0.0
Published
2025-11-03
CVE-2025-63442
Simple User Management System with PHP-MySQL v1.0 is vulnerable to Cross-Site Scripting (XSS) via the Profile Section. The system fails to properly sanitize user input, allowing attackers to inject and execute arbitrary JavaScript when the input is displayed in the browser
CVSS Score
4.6
EPSS Score
0.0
Published
2025-11-03
CVE-2025-29699
NetSurf 3.11 is vulnerable to Use After Free in dom_node_set_text_content function.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-11-03
CVE-2025-45663
An issue in NetSurf v3.11 causes the application to read uninitialized heap memory when creating a dom_event structure.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-11-03
CVE-2024-51317
An issue in NetSurf v.3.11 allows a remote attacker to execute arbitrary code via the dom_node_normalize function
CVSS Score
6.5
EPSS Score
0.001
Published
2025-11-03
CVE-2025-12622
A vulnerability was determined in Tenda AC10 16.03.10.13. Affected by this vulnerability is the function formSysRunCmd of the file /goform/SysRunCmd. This manipulation of the argument getui causes buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-11-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved