Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-40596
A Stack-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution.
CVSS Score
7.3
EPSS Score
0.001
Published
2025-07-23
CVE-2025-40597
A Heap-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-07-23
CVE-2025-40598
A Reflected cross-site scripting (XSS) vulnerability exists in the SMA100 series web interface, allowing a remote unauthenticated attacker to potentially execute arbitrary JavaScript code.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-07-23
CVE-2025-33020
IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 transmits sensitive information without encryption that could allow an attacker to obtain highly sensitive information.
CVSS Score
5.9
EPSS Score
0.0
Published
2025-07-23
CVE-2025-33076
IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-07-23
CVE-2025-33077
IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-07-23
CVE-2025-36116
IBM Db2 Mirror for i 7.4, 7.5, and 7.6 GUI is affected by cross-site WebSocket hijacking vulnerability. By sending a specially crafted request, an unauthenticated malicious actor could exploit this vulnerability to sniff an existing WebSocket connection to then remotely perform operations that the user is not allowed to perform.
CVSS Score
6.3
EPSS Score
0.0
Published
2025-07-23
CVE-2025-36117
IBM Db2 Mirror for i 7.4, 7.5, and 7.6 does not disallow the session id after use which could allow an authenticated user to impersonate another user on the system.
CVSS Score
6.3
EPSS Score
0.0
Published
2025-07-23
CVE-2024-41751
IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2 could allow a local, authenticated attacker to bypass client-side enforcement of security to manipulate data.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-07-23
CVE-2024-40682
IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2 could allow a local user to cause a denial of service due to improper validation of specified type of input.
CVSS Score
6.2
EPSS Score
0.0
Published
2025-07-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved