Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-61856
A stack-based buffer overflow vulnerability exists in VS6ComFile!CV7BaseMap::WriteV7DataToRom of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end (ABEND), and arbitrary code execution.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-10-10
CVE-2025-11189
The Kiwire Captive Portal contains a reflected cross-site scripting (XSS) vulnerability within the login-url parameter, allowing for Javascript execution.
CVSS Score
7.3
EPSS Score
0.001
Published
2025-10-10
CVE-2025-11190
The Kiwire Captive Portal contains an open redirection issue via the login-url parameter, allowing an attacker to redirect users to an attacker controlled website.
CVSS Score
5.4
EPSS Score
0.001
Published
2025-10-10
CVE-2025-11188
The Kiwire Captive Portal contains a blind SQL injection in the nas-id parameter, allowing for SQL commands to be issued and to compromise the corresponding database.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-10-10
CVE-2025-52634
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HCL AION This issue affects HCL AION: 2.0.
CVSS Score
3.7
EPSS Score
0.0
Published
2025-10-10
CVE-2025-52650
Inline script execution allowed in CSP vulnerability has been identified in HCL AION v2.0
CVSS Score
8.2
EPSS Score
0.0
Published
2025-10-10
CVE-2025-37727
Insertion of sensitive information in log file in Elasticsearch can lead to loss of confidentiality under specific preconditions when auditing requests to the reindex API https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-reindex
CVSS Score
5.7
EPSS Score
0.0
Published
2025-10-10
CVE-2025-52630
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HCL AION.This issue affects AION: 2.0.
CVSS Score
3.7
EPSS Score
0.0
Published
2025-10-10
CVE-2025-52632
A Missing Secure Attribute in Encrypted Session (SSL) Cookie vulnerability in HCL AION.This issue affects AION: 2.0.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-10-10
CVE-2025-25018
Improper Neutralization of Input During Web Page Generation in Kibana can lead to stored Cross-Site Scripting (XSS)
CVSS Score
8.7
EPSS Score
0.0
Published
2025-10-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved