Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2026-23673
Out-of-bounds read in Windows Resilient File System (ReFS) allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-03-10
CVE-2026-23674
Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-03-10
CVE-2026-23907
This issue affects the ExtractEmbeddedFiles example inĀ Apache PDFBox: from 2.0.24 through 2.0.35, from 3.0.0 through 3.0.6. The ExtractEmbeddedFiles example contains a path traversal vulnerability (CWE-22) because the filename that is obtained from PDComplexFileSpecification.getFilename() is appended to the extraction path. Users who have copied this example into their production code should review it to ensure that the extraction path is acceptable. The example has been changed accordingly, now the initial path and the extraction paths are converted into canonical paths and it is verified that extraction path contains the initial path. The documentation has also been adjusted.
CVSS Score
5.3
EPSS Score
0.001
Published
2026-03-10
CVE-2026-23668
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.0
Published
2026-03-10
CVE-2026-23669
Use after free in Windows Print Spooler Components allows an authorized attacker to execute code over a network.
CVSS Score
8.8
EPSS Score
0.001
Published
2026-03-10
CVE-2026-23671
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Bluetooth RFCOM Protocol Driver allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.0
Published
2026-03-10
CVE-2026-23672
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.0
Published
2026-03-10
CVE-2026-23660
Improper access control in Azure Portal Windows Admin Center allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-03-10
CVE-2026-23661
Cleartext transmission of sensitive information in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network.
CVSS Score
7.5
EPSS Score
0.0
Published
2026-03-10
CVE-2026-23662
Missing authentication for critical function in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network.
CVSS Score
7.5
EPSS Score
0.0
Published
2026-03-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved