Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In November 2025
CVE-2025-36091
IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated user to cause dashboards to become inaccessible to legitimate users due to invalid ownership assignment.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-11-03
CVE-2025-36092
IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated user to cause a denial of service due to the improper validation of input length.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-11-03
CVE-2025-36093
IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an attacker to access unauthorized content or perform unauthorized actions using man in the middle techniques due to improper access controls.
CVSS Score
4.8
EPSS Score
0.0
Published
2025-11-03
CVE-2025-11761
A potential security vulnerability has been identified in the HP Client Management Script Library software, which might allow escalation of privilege during the installation process. HP is releasing software updates to mitigate the potential vulnerability.
CVSS Score
8.5
EPSS Score
0.0
Published
2025-11-03
CVE-2025-63442
Simple User Management System with PHP-MySQL v1.0 is vulnerable to Cross-Site Scripting (XSS) via the Profile Section. The system fails to properly sanitize user input, allowing attackers to inject and execute arbitrary JavaScript when the input is displayed in the browser
CVSS Score
4.6
EPSS Score
0.0
Published
2025-11-03
CVE-2025-63443
School Management System PHP v1.0 is vulnerable to Cross Site Scripting (XSS) in /login.php via the password parameter.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-11-03
CVE-2025-29699
NetSurf 3.11 is vulnerable to Use After Free in dom_node_set_text_content function.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-11-03
CVE-2025-45663
An issue in NetSurf v3.11 causes the application to read uninitialized heap memory when creating a dom_event structure.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-11-03
CVE-2024-51317
An issue in NetSurf v.3.11 allows a remote attacker to execute arbitrary code via the dom_node_normalize function
CVSS Score
6.5
EPSS Score
0.001
Published
2025-11-03
CVE-2025-12622
A vulnerability was determined in Tenda AC10 16.03.10.13. Affected by this vulnerability is the function formSysRunCmd of the file /goform/SysRunCmd. This manipulation of the argument getui causes buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.
CVSS Score
7.4
EPSS Score
0.002
Published
2025-11-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved