Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2026-25172
Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
CVSS Score
8.0
EPSS Score
0.001
Published
2026-03-10
CVE-2026-25173
Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
CVSS Score
8.0
EPSS Score
0.001
Published
2026-03-10
CVE-2026-25167
Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.
CVSS Score
7.4
EPSS Score
0.0
Published
2026-03-10
CVE-2026-25168
Null pointer dereference in Microsoft Graphics Component allows an unauthorized attacker to deny service locally.
CVSS Score
6.2
EPSS Score
0.0
Published
2026-03-10
CVE-2026-25169
Divide by zero in Microsoft Graphics Component allows an unauthorized attacker to deny service locally.
CVSS Score
6.2
EPSS Score
0.0
Published
2026-03-10
CVE-2026-25165
Null pointer dereference in Windows Performance Counters allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-03-10
CVE-2026-25166
Deserialization of untrusted data in Windows System Image Manager allows an authorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.006
Published
2026-03-10
CVE-2026-24640
A Stack-based Buffer Overflow vulnerability [CWE-121] vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4 all versions, FortiWeb 7.2 all versions, FortiWeb 7.0.2 through 7.0.12 may allow a remote authenticated attacker who can bypass stack protection and ASLR to execute arbitrary code or commands via crafted HTTP requests.
CVSS Score
6.6
EPSS Score
0.0
Published
2026-03-10
CVE-2026-24641
A NULL Pointer Dereference vulnerability [CWE-476] vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4 all versions, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow an authenticated attacker to crash the HTTP daemon via crafted HTTP requests.
CVSS Score
2.7
EPSS Score
0.001
Published
2026-03-10
CVE-2026-24297
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kerberos allows an unauthorized attacker to bypass a security feature over a network.
CVSS Score
6.5
EPSS Score
0.0
Published
2026-03-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved