Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2026-24457
An unsafe parsing of OpenMQ's configuration, allows a remote attacker to read arbitrary files from a MQ Broker's server. A full exploitation could read unauthorized files of the OpenMQ’s host OS. In some scenarios RCE could be achieved.
CVSS Score
9.1
EPSS Score
0.003
Published
2026-03-05
CVE-2025-70232
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetMACFilter.
CVSS Score
9.8
EPSS Score
0.001
Published
2026-03-05
CVE-2025-70233
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetEnableWizard.
CVSS Score
9.8
EPSS Score
0.001
Published
2026-03-05
CVE-2025-45691
An Arbitrary File Read vulnerability exists in the ImageTextPromptValue class in Exploding Gradients RAGAS v0.2.3 to v0.2.14. The vulnerability stems from improper validation and sanitization of URLs supplied in the retrieved_contexts parameter when handling multimodal inputs.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-03-05
CVE-2025-70229
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSchedule.
CVSS Score
9.8
EPSS Score
0.001
Published
2026-03-05
CVE-2025-70230
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetDDNS.
CVSS Score
9.8
EPSS Score
0.001
Published
2026-03-05
CVE-2025-70231
D-Link DIR-513 version 1.10 contains a critical-level vulnerability. When processing POST requests related to verification codes in /goform/formLogin, it enters /goform/getAuthCode but fails to filter the value of the FILECODE parameter, resulting in a path traversal vulnerability.
CVSS Score
9.8
EPSS Score
0.001
Published
2026-03-05
CVE-2025-13476
Rakuten Viber Cloak mode in Android v25.7.2.0g and Windows v25.6.0.0–v25.8.1.0 uses a static and predictable TLS ClientHello fingerprint lacking extension diversity, allowing Deep Packet Inspection (DPI) systems to trivially identify and block proxy traffic, undermining censorship circumvention. (CWE-327)
CVSS Score
9.8
EPSS Score
0.0
Published
2026-03-05
CVE-2026-30796
Cleartext Transmission of Sensitive Information vulnerability in rustdesk-server-pro RustDesk Server Pro rustdesk-server-pro on Windows, MacOS, Linux (Address book sync API modules) allows Sniffing Attacks. This vulnerability is associated with program files Closed source — API endpoint handling heartbeat sync and program routines Heartbeat API handler (accepts preset-address-book-password in plaintext). This issue affects RustDesk Server Pro: through 1.7.5.
CVSS Score
7.5
EPSS Score
0.0
Published
2026-03-05
CVE-2026-30797
Missing Authorization vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Flutter URI scheme handler, config import modules) allows Application API Message Manipulation via Man-in-the-Middle. This vulnerability is associated with program files flutter/lib/common.Dart and program routines importConfig() via URI handler. This issue affects RustDesk Client: through 1.4.5.
CVSS Score
8.1
EPSS Score
0.0
Published
2026-03-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved