Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In April 2025
CVE-2025-4142
A vulnerability has been found in Netgear EX6200 1.0.3.94 and classified as critical. This vulnerability affects the function sub_3C8EC. The manipulation of the argument host leads to buffer overflow. The attack can be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
8.8
EPSS Score
0.003
Published
2025-04-30
CVE-2025-4140
A vulnerability, which was classified as critical, has been found in Netgear EX6120 1.0.3.94. Affected by this issue is the function sub_30394. The manipulation of the argument host leads to buffer overflow. The attack may be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
8.8
EPSS Score
0.003
Published
2025-04-30
CVE-2025-4141
A vulnerability, which was classified as critical, was found in Netgear EX6200 1.0.3.94. This affects the function sub_3C03C. The manipulation of the argument host leads to buffer overflow. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
8.8
EPSS Score
0.003
Published
2025-04-30
CVE-2023-37535
Insufficient URI protocol whitelist in HCL Domino Volt and Domino Leap allow script injection through query parameters.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-04-30
CVE-2023-45721
Insufficient default configuration in HCL Leap allows anonymous access to directory information.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-04-30
CVE-2024-30115
Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget.
CVSS Score
6.3
EPSS Score
0.0
Published
2025-04-30
CVE-2024-30145
Multiple vectors in HCL Domino Volt and Domino Leap allow client-side script injection in the authoring environment and deployed applications.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-04-30
CVE-2024-30146
Improper access control of endpoint in HCL Domino Leap allows certain admin users to import applications from the server's filesystem.
CVSS Score
4.1
EPSS Score
0.0
Published
2025-04-30
CVE-2022-42450
Improper sanitization of SVG files in HCL Domino Volt allows client-side script injection in deployed applications.
CVSS Score
4.6
EPSS Score
0.0
Published
2025-04-30
CVE-2023-37517
Missing "no cache" headers in HCL Leap permits sensitive data to be cached.
CVSS Score
3.2
EPSS Score
0.0
Published
2025-04-30


Products
Pricing
Contact Us

Shodan ® - All rights reserved