ZERO-DAY 2025 2025 2024 2023
ZDI ID
ZDI CAN
AFFECTED VENDOR(S)
CVE
ZDI-25-1202
ZDI-CAN-27040
Anritsu
CVE-2025-15351
(0Day) Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-1201
ZDI-CAN-27039
CVE-2025-15350
ZDI-25-1200
ZDI-CAN-27315
CVE-2025-15349
(0Day) Anritsu ShockLine SCPI Race Condition Remote Code Execution Vulnerability
ZDI-25-1199
ZDI-CAN-27833
CVE-2025-15348
(0Day) Anritsu ShockLine CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-1198
ZDI-CAN-27769
Trimble
CVE-2025-15062
Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-1197
ZDI-CAN-27877
Framelink
CVE-2025-15061
Framelink Figma MCP Server fetchWithRetry Command Injection Remote Code Execution Vulnerability
ZDI-25-1196
ZDI-CAN-28232
GIMP
CVE-2025-15059
GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-1195
ZDI-CAN-28564
FontForge
CVE-2025-15269
(0Day) FontForge SFD File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-1194
ZDI-CAN-28563
CVE-2025-15270
(0Day) FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability
ZDI-25-1193
ZDI-CAN-28562
CVE-2025-15271
ZDI-25-1192
ZDI-CAN-28547
CVE-2025-15272
(0Day) FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-1191
ZDI-CAN-28546
CVE-2025-15273
(0Day) FontForge PFB File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-1190
ZDI-CAN-28544
CVE-2025-15274
ZDI-25-1189
ZDI-CAN-28543
CVE-2025-15275
ZDI-25-1188
ZDI-CAN-28525
CVE-2025-15280
ZDI-25-1187
ZDI-CAN-28198
CVE-2025-15276
(0Day) FontForge SFD File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-1186
ZDI-CAN-27920
CVE-2025-15277
(0Day) FontForge GUtils SGI File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-1185
ZDI-CAN-27865
CVE-2025-15278
(0Day) FontForge GUtils XBM File Parsing Integer Overflow Remote Code Execution Vulnerability
ZDI-25-1184
ZDI-CAN-27517
CVE-2025-15279
(0Day) FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-1183
ZDI-CAN-27197
Tencent
CVE-2025-13715
Tencent FaceDetection-DSFD resnet Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-1182
ZDI-CAN-28575
LibreNMS
CVE-2025-68614
LibreNMS Alert Rule API Cross-Site Scripting Vulnerability
ZDI-25-1181
ZDI-CAN-27507
Net-SNMP
CVE-2025-68615
Net-SNMP SnmpTrapd Agent Message Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-1180
ZDI-CAN-28558
Foxit
CVE-2025-66499
Foxit PDF Reader PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-1179
ZDI-CAN-28532
CVE-2025-66498
Foxit PDF Reader U3D File Parsing Use-After-Free Information Disclosure Vulnerability
ZDI-25-1178
ZDI-CAN-28531
CVE-2025-66497
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-1177
ZDI-CAN-28523
CVE-2025-66496
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-1176
ZDI-CAN-28403
CVE-2025-66495
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability
ZDI-25-1175
ZDI-CAN-28306
CVE-2025-66494
Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-1174
ZDI-CAN-28210
CVE-2025-66493
Foxit PDF Reader AcroForm User-After-Free Remote Code Execution Vulnerability
ZDI-25-1173
ZDI-CAN-28053
CVE-2025-13941
Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation Vulnerability
ZDI-25-1172
ZDI-CAN-27668
RealDefense
CVE-2025-14492
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability
ZDI-25-1171
ZDI-CAN-27678
CVE-2025-14496
ZDI-25-1170
ZDI-CAN-27675
CVE-2025-14493
ZDI-25-1169
ZDI-CAN-27677
CVE-2025-14495
ZDI-25-1168
ZDI-CAN-27680
CVE-2025-14497
ZDI-25-1167
ZDI-CAN-27657
CVE-2025-14488
ZDI-25-1166
ZDI-CAN-27659
CVE-2025-14490
ZDI-25-1165
ZDI-CAN-27658
CVE-2025-14489
ZDI-25-1164
ZDI-CAN-27660
CVE-2025-14491
ZDI-25-1163
ZDI-CAN-27676
CVE-2025-14494
ZDI-25-1162
ZDI-CAN-26837
AzeoTech
CVE-2025-66590
AzeoTech DAQFactory CTL File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-1161
ZDI-CAN-26840
CVE-2025-66589
ZDI-25-1160
ZDI-CAN-26836
ZDI-25-1159
ZDI-CAN-26835
ZDI-25-1158
ZDI-CAN-25521
ZDI-25-1157
ZDI-CAN-25511
ZDI-25-1156
ZDI-CAN-25510
ZDI-25-1155
ZDI-CAN-27269
NSF Unidata
CVE-2025-14936
(0Day) NSF Unidata NetCDF-C Attribute Name Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-1154
ZDI-CAN-27168
CVE-2025-14935
(0Day) NSF Unidata NetCDF-C Dimension Name Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-1153
ZDI-CAN-27273
CVE-2025-14932
(0Day) NSF Unidata NetCDF-C Time Unit Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-1152
ZDI-CAN-27267
CVE-2025-14934
(0Day) NSF Unidata NetCDF-C Variable Name Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-1151
ZDI-CAN-27266
CVE-2025-14933
(0Day) NSF Unidata NetCDF-C NC Variable Integer Overflow Remote Code Execution Vulnerability
ZDI-25-1150
ZDI-CAN-25423
Hugging Face
CVE-2025-14920
(0Day) Hugging Face Transformers Perceiver Model Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-1149
ZDI-CAN-25424
CVE-2025-14921
(0Day) Hugging Face Transformers Transformer-XL Model Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-1148
ZDI-CAN-28252
CVE-2025-14927
(0Day) Hugging Face Transformers SEW-D convert_config Code Injection Remote Code Execution Vulnerability
ZDI-25-1147
ZDI-CAN-28251
CVE-2025-14926
(0Day) Hugging Face Transformers SEW convert_config Code Injection Remote Code Execution Vulnerability
ZDI-25-1146
ZDI-CAN-28253
CVE-2025-14928
(0Day) Hugging Face Transformers HuBERT convert_config Code Injection Remote Code Execution Vulnerability
ZDI-25-1145
ZDI-CAN-28309
CVE-2025-14930
(0Day) Hugging Face Transformers GLM4 Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-1144
ZDI-CAN-28308
CVE-2025-14929
(0Day) Hugging Face Transformers X-CLIP Checkpoint Conversion Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-1143
ZDI-CAN-28312
CVE-2025-14931
(0Day) Hugging Face smolagents Remote Python Executor Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-1142
ZDI-CAN-27424
CVE-2025-14922
(0Day) Hugging Face Diffusers CogView4 Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-1141
ZDI-CAN-27984
CVE-2025-14924
(0Day) Hugging Face Transformers megatron_gpt2 Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-1140
ZDI-CAN-27985
CVE-2025-14925
(0Day) Hugging Face Accelerate Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-1139
ZDI-CAN-28248
CVE-2025-14425
GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-1138
ZDI-CAN-28376
CVE-2025-14424
GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-1137
ZDI-CAN-28311
CVE-2025-14423
GIMP LBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-1136
ZDI-CAN-28273
CVE-2025-14422
GIMP PNM File Parsing Integer Overflow Remote Code Execution Vulnerability
ZDI-25-1135
ZDI-CAN-27960
Autodesk
CVE-2025-10881
Autodesk AutoCAD CATPRODUCT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-1134
ZDI-CAN-26883
CVE-2025-66586
AzeoTech DAQFactory CTL File Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-25-1133
ZDI-CAN-25515
ZDI-25-1132
ZDI-CAN-25513
ZDI-25-1131
ZDI-CAN-27523
ZDI-25-1130
ZDI-CAN-25512
AzeoTech DAQFactory CTL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-1129
ZDI-CAN-27811
ZDI-25-1128
ZDI-CAN-25514
CVE-2025-66585
AzeoTech DAQFactory CTL File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-1127
ZDI-CAN-28038
Apple
CVE-2025-43541
Apple Safari JavaScriptCore FTL DataView byteLength Property Handling Type Confusion Remote Code Execution Vulnerability
ZDI-25-1126
ZDI-CAN-28284
CVE-2025-43501
Apple Safari JavaScriptCore HashTable Expansion Integer Overflow Remote Code Execution Vulnerability
ZDI-25-1125
ZDI-CAN-27644
Trend Micro
CVE-2025-53503
Trend Micro Cleaner One Pro Link Following Local Privilege Escalation Vulnerability
ZDI-25-1124
ZDI-CAN-27146
Siemens
CVE-2025-40829
Siemens Simcenter Femap SLDPRT File Parsing Uninitialized Memory Remote Code Execution Vulnerability
ZDI-25-1123
ZDI-CAN-28421
CVE-2025-14593
Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-1122
ZDI-CAN-28179
CVE-2025-10900
Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-1121
ZDI-CAN-28180
CVE-2025-10899
ZDI-25-1120
ZDI-CAN-27970
CVE-2025-9452
Autodesk AutoCAD SLDPRT File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-1119
ZDI-CAN-27971
CVE-2025-9453
Autodesk AutoCAD PRT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-1118
ZDI-CAN-27972
CVE-2025-9454
ZDI-25-1117
ZDI-CAN-27963
CVE-2025-9455
Autodesk AutoCAD CATPRODUCT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-1116
ZDI-CAN-27964
CVE-2025-9456
ZDI-25-1115
ZDI-CAN-27961
Autodesk AutoCAD PRT File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-1114
ZDI-CAN-27966
CVE-2025-9459
Autodesk AutoCAD SLDPRT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-1113
ZDI-CAN-27967
CVE-2025-9460
ZDI-25-1112
ZDI-CAN-27973
CVE-2025-10882
Autodesk AutoCAD X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-1111
ZDI-CAN-27974
CVE-2025-10883
ZDI-25-1110
ZDI-CAN-27998
CVE-2025-10884
Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-1109
ZDI-CAN-28120
CVE-2025-10886
Autodesk AutoCAD MODEL File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-1108
ZDI-CAN-28126
ZDI-25-1107
ZDI-CAN-28127
CVE-2025-10888
ZDI-25-1106
ZDI-CAN-28128
CVE-2025-10889
Autodesk AutoCAD CATPART File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-1105
ZDI-CAN-28181
CVE-2025-10898
ZDI-25-1104
ZDI-CAN-26770
Sante
CVE-2025-14501
Sante PACS Server HTTP Content-Length Header Handling NULL Pointer Dereference Denial-of-Service Vulnerability
ZDI-25-1103
ZDI-CAN-27360
Fuji Electric
CVE-2025-53524
Fuji Electric Monitouch V-SFT V7 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-1102
ZDI-CAN-27436
ZDI-25-1101
ZDI-CAN-27438
ZDI-25-1100
ZDI-CAN-27440
ZDI-25-1099
ZDI-CAN-27795
Microsoft
CVE-2025-60711
Microsoft Edge Mark-Of-The-Web Removal Remote Code Execution Vulnerability
ZDI-25-1098
ZDI-CAN-27306
Fortinet
CVE-2025-54353
Fortinet FortiSandbox hcproxy Cross-Site Scripting Remote Code Execution Vulnerability
ZDI-25-1097
ZDI-CAN-27309
CVE-2025-53949
Fortinet FortiSandbox name Parameter Command Injection Remote Code Execution Vulnerability
ZDI-25-1096
ZDI-CAN-27308
Fortinet FortiSandbox upload_vdi_file Command Injection Remote Code Execution Vulnerability
ZDI-25-1095
ZDI-CAN-27305
Fortinet FortiSandbox names admindel_confirm Command Injection Remote Code Execution Vulnerability
ZDI-25-1094
ZDI-CAN-28211
CVE-2025-64447
Fortinet FortiWeb ApacheCookie_parse Improper Verification of Cryptographic Signature Authentication Bypass Vulnerability
ZDI-25-1093
ZDI-CAN-27867
PDFsam
CVE-2025-14405
(0Day) PDFsam Enhanced Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-25-1092
ZDI-CAN-27498
CVE-2025-14404
(0Day) PDFsam Enhanced XLS File Insufficient UI Warning Remote Code Execution Vulnerability
ZDI-25-1091
ZDI-CAN-27500
CVE-2025-14403
(0Day) PDFsam Enhanced Launch Insufficient UI Warning Remote Code Execution Vulnerability
ZDI-25-1090
ZDI-CAN-27499
CVE-2025-14402
(0Day) PDFsam Enhanced DOC File Insufficient UI Warning Remote Code Execution Vulnerability
ZDI-25-1089
ZDI-CAN-27260
CVE-2025-14401
(0Day) PDFsam Enhanced App Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-1088
ZDI-CAN-27494
Soda PDF
CVE-2025-14415
(0Day) Soda PDF Desktop Launch Insufficient UI Warning Remote Code Execution Vulnerability
ZDI-25-1087
ZDI-CAN-27496
CVE-2025-14414
(0Day) Soda PDF Desktop Word File Insufficient UI Warning Remote Code Execution Vulnerability
ZDI-25-1086
ZDI-CAN-27509
CVE-2025-14413
(0Day) Soda PDF Desktop CBZ File Parsing Directory Traversal Remote Code Execution Vulnerability
ZDI-25-1085
ZDI-CAN-27495
CVE-2025-14412
(0Day) Soda PDF Desktop XLS File Insufficient UI Warning Remote Code Execution Vulnerability
ZDI-25-1084
ZDI-CAN-27140
CVE-2025-14411
(0Day) Soda PDF Desktop PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-1083
ZDI-CAN-27142
CVE-2025-14410
ZDI-25-1082
ZDI-CAN-27120
CVE-2025-14409
(0Day) Soda PDF Desktop PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-1081
ZDI-CAN-27143
CVE-2025-14408
ZDI-25-1080
ZDI-CAN-27141
CVE-2025-14407
(0Day) Soda PDF Desktop PDF File Parsing Memory Corruption Information Disclosure Vulnerability
ZDI-25-1079
ZDI-CAN-25793
CVE-2025-14406
(0Day) Soda PDF Desktop Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-25-1078
ZDI-CAN-27915
pdfforge
CVE-2025-14421
(0Day) pdfforge PDF Architect PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-1077
ZDI-CAN-27514
CVE-2025-14420
(0Day) pdfforge PDF Architect CBZ File Parsing Directory Traversal Remote Code Execution Vulnerability
ZDI-25-1076
ZDI-CAN-27902
CVE-2025-14419
(0Day) pdfforge PDF Architect PDF File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-1075
ZDI-CAN-27502
CVE-2025-14418
(0Day) pdfforge PDF Architect XLS File Insufficient UI Warning Remote Code Execution Vulnerability
ZDI-25-1074
ZDI-CAN-27501
CVE-2025-14417
(0Day) pdfforge PDF Architect Launch Insufficient UI Warning Remote Code Execution Vulnerability
ZDI-25-1073
ZDI-CAN-27503
CVE-2025-14416
(0Day) pdfforge PDF Architect DOC File Insufficient UI Warning Remote Code Execution Vulnerability
ZDI-25-1072
ZDI-CAN-27394
IceWarp
CVE-2025-14500
IceWarp14 X-File-Operation Command Injection Remote Code Execution Vulnerability
ZDI-25-1071
ZDI-CAN-25441
CVE-2025-14499
IceWarp gmaps Cross-Site Scripting Authentication Bypass Vulnerability
ZDI-25-1070
ZDI-CAN-27395
TradingView
CVE-2025-14498
TradingView Desktop Electron Uncontrolled Search Path Local Privilege Escalation Vulnerability
ZDI-25-1069
ZDI-CAN-23193
oFono
CVE-2024-7539
(Pwn2Own) oFono CUSD Stack-based Buffer Overflow Code Execution Vulnerability
ZDI-25-1068
ZDI-CAN-27353
CVE-2025-54496
Fuji Electric Monitouch V-SFT V7 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-1067
ZDI-CAN-27358
CVE-2025-54526
Fuji Electric Monitouch V-SFT V7 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-1066
ZDI-CAN-27352
ZDI-25-1065
ZDI-CAN-27350
ZDI-25-1064
ZDI-CAN-27527
ZDI-25-1063
ZDI-CAN-27399
ZDI-25-1062
ZDI-CAN-27351
ZDI-25-1061
ZDI-CAN-27873
Windscribe
CVE-2025-14400
Windscribe Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-25-1060
ZDI-CAN-26908
Senstar
CVE-2025-12491
Senstar Symphony FetchStoredLicense Information Disclosure Vulnerability
ZDI-25-1059
ZDI-CAN-28569
Vim
CVE-2025-66476
Vim for Windows Uncontrolled Search Path Element Remote Code Execution Vulnerability
ZDI-25-1058
ZDI-CAN-27311
(0Day) Microsoft Windows TAR File UI Misrepresentation Vulnerability
ZDI-25-1057
ZDI-CAN-26574
(0Day) Microsoft Visual Studio VsDevCmd Uncontrolled Search Path Element Remote Code Execution Vulnerability
ZDI-25-1056
ZDI-CAN-27220
(0Day) Microsoft ASP.NET SOAP Execution Restriction Bypass Remote Code Execution Vulnerability
ZDI-25-1055
ZDI-CAN-27835
(0Day) Microsoft Windows MP4 File Parsing Null Pointer Dereference Denial-of-Service Vulnerability
ZDI-25-1054
ZDI-CAN-26750
(0Day) Microsoft Windows dir Command Improper Character Neutralization Vulnerability
ZDI-25-1053
ZDI-CAN-27955
(0Day) Microsoft SharePoint Calendar Overlay Hyperlink Injection Vulnerability
ZDI-25-1052
ZDI-CAN-28116
Ivanti
CVE-2025-13661
Ivanti Endpoint Manager CAB File Parsing Directory Traversal Remote Code Execution Vulnerability
ZDI-25-1051
ZDI-CAN-26897
CVE-2025-13662
Ivanti Endpoint Manager HIIDriver Improper Verification of Cryptographic Signature Remote Code Execution Vulnerability
ZDI-25-1050
ZDI-CAN-26573
Microsoft Azure Virtual Desktop Link Following Local Privilege Escalation Vulnerability
ZDI-25-1049
ZDI-CAN-27759
CVE-2025-62458
Microsoft Windows win32kfull Out-Of-Bounds Write Local Privilege Escalation Vulnerability
ZDI-25-1048
ZDI-CAN-27760
ZDI-25-1047
ZDI-CAN-27761
Microsoft Windows win32kbase Out-Of-Bounds Access Local Privilege Escalation Vulnerability
ZDI-25-1046
ZDI-CAN-27832
Microsoft Windows win32kfull Type Confusion Local Privilege Escalation Vulnerability
ZDI-25-1045
ZDI-CAN-27376
Schneider Electric
CVE-2025-11565, CVE-2025-11566, CVE-2025-11567
Schneider Electric PowerChute Serial Shutdown Directory Traversal Local Privilege Escalation Vulnerability
ZDI-25-1044
ZDI-CAN-27954
NVIDIA
CVE-2025-33184
NVIDIA Isaac-GR00T secure_server Authentication Bypass Vulnerability
ZDI-25-1043
ZDI-CAN-27425
Adobe
CVE-2025-64899
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-1042
ZDI-CAN-26755
CVE-2025-40936
Siemens Simcenter Femap IGS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-1041
ZDI-CAN-27950
CVE-2025-33183
NVIDIA Isaac-GR00T TorchSerializer Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-1040
ZDI-CAN-28409
Synology
CVE-2025-13392
(Pwn2Own) Synology DiskStation DS925+ samlAuth Authentication Bypass Vulnerability
ZDI-25-1039
ZDI-CAN-28275
CVE-2025-12686
(Pwn2Own) Synology BeeStation Plus auth_info Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-1038
ZDI-CAN-27201
CVE-2025-23357
NVIDIA Megatron load_common Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-1037
ZDI-CAN-27649
Emerson
CVE-2024-3871
Emerson Movicon RTUSERS File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-1036
ZDI-CAN-27185
CVE-2025-13709
Tencent TFace restore_checkpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-1035
ZDI-CAN-27187
CVE-2025-13711
Tencent TFace eval Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-1034
ZDI-CAN-27182
CVE-2025-13706
Tencent PatrickStar merge_checkpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-1033
ZDI-CAN-27184
CVE-2025-13708
Tencent NeuralNLP-NeuralClassifier _load_checkpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-1032
ZDI-CAN-27208
CVE-2025-13716
Tencent MimicMotion create_pipeline Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-1031
ZDI-CAN-27192
CVE-2025-13714
Tencent MedicalNet generate_model Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-1030
ZDI-CAN-27186
CVE-2025-13710
Tencent HunyuanVideo load_vae Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-1029
ZDI-CAN-27183
CVE-2025-13707
Tencent HunyuanDiT model_resume Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-1028
ZDI-CAN-27190
CVE-2025-13712
Tencent HunyuanDiT merge Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-1027
ZDI-CAN-27191
CVE-2025-13713
Tencent Hunyuan3D-1 load_pretrained Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-1026
ZDI-CAN-24122
Appleton
Appleton UPSMON-PRO UPSMONProService Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-1025
ZDI-CAN-27000
MariaDB
CVE-2025-13699
MariaDB mariadb-dump Utility Directory Traversal Remote Code Execution Vulnerability
ZDI-25-1024
ZDI-CAN-26589
DreamFactory
CVE-2025-13700
DreamFactory saveZipFile Command Injection Remote Code Execution Vulnerability
ZDI-25-1023
ZDI-CAN-27147
VIPRE
CVE-2025-13703
VIPRE Advanced Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability
ZDI-25-1022
ZDI-CAN-28133
Deciso
CVE-2025-13698
Deciso OPNsense diag_backup.php filename Directory Traversal Arbitrary File Creation Vulnerability
ZDI-25-1021
ZDI-CAN-26570
CVE-2025-40755
Siemens SINEC NMS getTotalAndFilterCounts SQL Injection Privilege Escalation Vulnerability
ZDI-25-1020
ZDI-CAN-27310
Arista
CVE-2025-6978
Arista NG Firewall runTroubleshooting Command Injection Remote Code Execution Vulnerability
ZDI-25-1019
ZDI-CAN-27007
CVE-2025-6979
Arista NG Firewall replace_marker Exposed Dangerous Function Authentication Bypass Vulnerability
ZDI-25-1018
ZDI-CAN-27006
CVE-2025-6980
Arista NG Firewall load_capture_settings Exposed Dangerous Function Information Disclosure Vulnerability
ZDI-25-1017
ZDI-CAN-27794
ASUS
CVE-2025-59373
ASUS MyASUS Incorrect Permission Assignment Local Privilege Escalation Vulnerability
ZDI-25-1016
ZDI-CAN-27540
Wibu-Systems
Wibu-Systems WibuKey Runtime Untrusted Pointer Dereference Local Privilege Escalation Vulnerability
ZDI-25-1015
ZDI-CAN-26516
Parallels
CVE-2025-66288
Parallels Toolbox CleanDrive Link Following Local Privilege Escalation Vulnerability
ZDI-25-1014
ZDI-CAN-27383
CVE-2025-58034
Fortinet FortiWeb policy_scripting_post_handler Command Injection Remote Code Execution Vulnerability
ZDI-25-1013
ZDI-CAN-27858
CVE-2025-33186
NVIDIA AIStore AuthN Hard-coded Credentials Authentication Bypass Vulnerability
ZDI-25-1012
ZDI-CAN-27857
CVE-2025-33185
NVIDIA AIStore AuthN users Missing Authentication for Critical Function Information Disclosure Vulnerability
ZDI-25-1011
ZDI-CAN-28039
CVE-2025-43432
Apple Safari JavaScriptCore Wasm Function Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-1010
ZDI-CAN-27991
CVE-2025-43457
Apple Safari JavaScriptCore DFG CSE Phase Graph Node Substitution Use-After-Free Remote Code Execution Vulnerability
ZDI-25-1009
ZDI-CAN-27849
CVE-2025-43384
Apple macOS USD readAccessorData Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-1008
ZDI-CAN-27894
CVE-2025-43380
Apple macOS ICC Profile Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-1007
ZDI-CAN-27825
CVE-2025-43438
Apple Safari JavaScriptCore operationMapIteratorNext Type Confusion Information Disclosure Vulnerability
ZDI-25-1006
ZDI-CAN-27796
CVE-2025-43445
Apple macOS CoreText Font Glyph Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-1005
ZDI-CAN-27348
CVE-2025-43401
Apple macOS WindowServer Excessive Iteration Denial-of-Service Vulnerability
ZDI-25-1004
ZDI-CAN-27854
CVE-2025-43386
Apple macOS USD importMeshJointWeights Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-1003
ZDI-CAN-27853
CVE-2025-43383
Apple macOS USD importNodeAnimations Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-1002
ZDI-CAN-27848
CVE-2025-43385
Apple macOS USD importMeshes Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-1001
ZDI-CAN-27263
CVE-2025-60709
Microsoft Windows Common Log File System Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-1000
ZDI-CAN-28025
CVE-2025-61844
Adobe USD-Fileformat-plugins usdGltf Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-999
ZDI-CAN-28023
CVE-2025-61845
ZDI-25-998
ZDI-CAN-28024
CVE-2025-61843
ZDI-25-997
ZDI-CAN-28027
CVE-2025-61842
Adobe USD-Fileformat-plugins usdGltf Use-After-Free Information Disclosure Vulnerability
ZDI-25-996
ZDI-CAN-28022
CVE-2025-61841
ZDI-25-995
ZDI-CAN-28026
CVE-2025-61840
ZDI-25-994
ZDI-CAN-28072
CVE-2025-61839
Adobe USD-Fileformat-plugins Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-993
ZDI-CAN-28071
CVE-2025-61838
Adobe USD-Fileformat-plugins usdGltf Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-992
ZDI-CAN-28021
CVE-2025-61837
ZDI-25-991
ZDI-CAN-27948
Academy Software Foundation
CVE-2025-12840
Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-990
ZDI-CAN-27947
CVE-2025-12839
ZDI-25-989
ZDI-CAN-27946
CVE-2025-12495
ZDI-25-988
ZDI-CAN-27245
MSP360
CVE-2025-12838
MSP360 Free Backup Link Following Local Privilege Escalation Vulnerability
ZDI-25-987
ZDI-CAN-27965
CVE-2025-9458
ZDI-25-986
ZDI-CAN-27900
CVE-2025-10885
Autodesk On-Demand Install Services adsk_IPCUpdaterChannel Origin Validation Error Local Privilege Escalation Vulnerability
ZDI-25-985
ZDI-CAN-27323
Delta Electronics
CVE-2025-47728
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-984
ZDI-CAN-26635
Alibaba
Alibaba Cloud Workspace Client Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-25-983
ZDI-CAN-27913
evernote-mcp-server
CVE-2025-12489
evernote-mcp-server openBrowser Command Injection Privilege Escalation Vulnerability
ZDI-25-982
ZDI-CAN-26681
oobabooga
CVE-2025-12487
oobabooga text-generation-webui trust_remote_code Reliance on Untrusted Inputs Remote Code Execution Vulnerability
ZDI-25-981
ZDI-CAN-26680
CVE-2025-12488
ZDI-25-980
ZDI-CAN-24755
Heimdall Data
CVE-2025-12486
Heimdall Data Database Proxy Cross-Site Scripting Remote Code Execution Vulnerability
ZDI-25-979
ZDI-CAN-28085
Netgate
CVE-2025-12490
Netgate pfSense CE Suricata Path Traversal Remote Code Execution Vulnerability
ZDI-25-978
ZDI-CAN-27823
CVE-2025-10934
GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-977
ZDI-CAN-27086
CVE-2025-62579
Delta Electronics ASDA-Soft PAR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-976
ZDI-CAN-27128
CVE-2025-62580
ZDI-25-975
ZDI-CAN-27560
X.Org
CVE-2025-62231
X.Org Server XkbSetCompatMap Numeric Truncation Error Privilege Escalation Vulnerability
ZDI-25-974
ZDI-CAN-27545
CVE-2025-62230
X.Org Server XkbRemoveResourceClient Use-After-Free Privilege Escalation Vulnerability
ZDI-25-973
ZDI-CAN-27238
CVE-2025-62229
X.Org Server present_create_notifies Use-After-Free Privilege Escalation Vulnerability
ZDI-25-972
ZDI-CAN-27830
Krita
CVE-2025-59820
Krita TGA File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-971
ZDI-CAN-26677
CVE-2025-59298
Delta Electronics DIAScreen DPA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-970
ZDI-CAN-26683
CVE-2025-59299
ZDI-25-969
ZDI-CAN-26672
CVE-2025-59297
ZDI-25-968
ZDI-CAN-26687
CVE-2025-59300
ZDI-25-967
ZDI-CAN-25407
CVE-2025-58319
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-966
ZDI-CAN-27536
Cisco
CVE-2025-20359
Cisco Snort process_mime_body Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-965
ZDI-CAN-27165
DataChain
CVE-2025-61677
DataChain data_storage Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-964
ZDI-CAN-28057
CVE-2025-50154
Microsoft Windows LNK File Parsing Improper Input Validation NTLM Relay Vulnerability
ZDI-25-963
ZDI-CAN-27061
Veeam
CVE-2025-48982
Veeam Agent for Microsoft Windows Link Following Local Privilege Escalation Vulnerability
ZDI-25-962
ZDI-CAN-27895
Oracle
CVE-2025-62589
Oracle VirtualBox VMSVGA Integer Overflow Local Privilege Escalation Vulnerability
ZDI-25-961
ZDI-CAN-27933
CVE-2025-62641
Oracle VirtualBox USB Use-After-Free Local Privilege Escalation Vulnerability
ZDI-25-960
ZDI-CAN-27924
CVE-2025-62590
Oracle VirtualBox VMSVGA Stack-based Buffer Overflow Local Privilege Escalation Vulnerability
ZDI-25-959
ZDI-CAN-27890
CVE-2025-62588
Oracle VirtualBox VMSVGA Integer Underflow Local Privilege Escalation Vulnerability
ZDI-25-958
ZDI-CAN-27871
CVE-2025-62591
Oracle VirtualBox VMSVGA Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-957
ZDI-CAN-27241
CVE-2025-61759
Oracle VirtualBox Virtio-net Uninitialized Memory Information Disclosure Vulnerability
ZDI-25-956
ZDI-CAN-26631
Ashlar-Vellum
CVE-2025-11465
(0Day) Ashlar-Vellum Cobalt CO File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-955
ZDI-CAN-26628
CVE-2025-11464
(0Day) Ashlar-Vellum Cobalt CO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-954
ZDI-CAN-26626
CVE-2025-11463
(0Day) Ashlar-Vellum Cobalt XE File Parsing Integer Overflow Remote Code Execution Vulnerability
ZDI-25-953
ZDI-CAN-27289
CVE-2025-59284
Microsoft Windows TAR File Parsing NTLM Relay Vulnerability
ZDI-25-952
ZDI-CAN-26912
CVE-2025-9872
Ivanti Endpoint Manager UniqueFilename Unrestricted File Upload Remote Code Execution Vulnerability
ZDI-25-951
ZDI-CAN-27136
Allegra
CVE-2025-11466
Allegra DatabaseBackupBL Directory Traversal Information Disclosure Vulnerability
ZDI-25-950
ZDI-CAN-26743
7-Zip
CVE-2025-11002
7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability
ZDI-25-949
ZDI-CAN-26753
CVE-2025-11001
ZDI-25-948
ZDI-CAN-27130
Jaspersoft
CVE-2025-10492
Jaspersoft Jasper Reports JRLoader Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-947
ZDI-CAN-25369
CVE-2025-11622
(0Day) Ivanti Endpoint Manager AgentPortal Deserialization of Untrusted Data Local Privilege Escalation Vulnerability
ZDI-25-946
ZDI-CAN-26859
CVE-2025-62386
(0Day) Ivanti Endpoint Manager Report_RunPatch SQL Injection Remote Code Execution Vulnerability
ZDI-25-945
ZDI-CAN-26857
CVE-2025-62384
(0Day) Ivanti Endpoint Manager MP_Report_Run2 SQL Injection Remote Code Execution Vulnerability
ZDI-25-944
ZDI-CAN-26866
CVE-2025-62392
(0Day) Ivanti Endpoint Manager DBDR SQL Injection Remote Code Execution Vulnerability
ZDI-25-943
ZDI-CAN-26865
CVE-2025-62391
(0Day) Ivanti Endpoint Manager PatchHistory SQL Injection Remote Code Execution Vulnerability
ZDI-25-942
ZDI-CAN-26864
CVE-2025-62390
(0Day) Ivanti Endpoint Manager MP_QueryDetail2 SQL Injection Remote Code Execution Vulnerability
ZDI-25-941
ZDI-CAN-26862
CVE-2025-62389
(0Day) Ivanti Endpoint Manager GetCountForQuery SQL Injection Remote Code Execution Vulnerability
ZDI-25-940
ZDI-CAN-26861
CVE-2025-62388
(0Day) Ivanti Endpoint Manager MP_QueryDetail SQL Injection Remote Code Execution Vulnerability
ZDI-25-939
ZDI-CAN-26860
CVE-2025-62387
(0Day) Ivanti Endpoint Manager MP_VistaReport SQL Injection Remote Code Execution Vulnerability
ZDI-25-938
ZDI-CAN-26858
CVE-2025-62385
ZDI-25-937
ZDI-CAN-26856
CVE-2025-62383
(0Day) Ivanti Endpoint Manager Report_Run SQL Injection Remote Code Execution Vulnerability
ZDI-25-936
ZDI-CAN-26855
CVE-2025-11623
(0Day) Ivanti Endpoint Manager Report_Run2 SQL Injection Remote Code Execution Vulnerability
ZDI-25-935
ZDI-CAN-26834
CVE-2025-9713
(0Day) Ivanti Endpoint Manager OnSaveToDB Directory Traversal Remote Code Execution Vulnerability
ZDI-25-934
ZDI-CAN-26144
MindManager
MindManager Attachment Insufficient UI Warning Remote Code Execution Vulnerability
ZDI-25-933
ZDI-CAN-27195
Redis
CVE-2025-49844
(Pwn2Own) Redis Lua Use-After-Free Remote Code Execution Vulnerability
ZDI-25-932
ZDI-CAN-26916
MLflow
CVE-2025-11200
MLflow Weak Password Requirements Authentication Bypass Vulnerability
ZDI-25-931
ZDI-CAN-26921
CVE-2025-11201
MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability
ZDI-25-930
ZDI-CAN-27787
win-cli-mcp-server
CVE-2025-11202
win-cli-mcp-server resolveCommandPath Command Injection Remote Code Execution Vulnerability
ZDI-25-929
ZDI-CAN-26585
LiteLLM
CVE-2025-11203
LiteLLM Information health API_KEY Information Disclosure Vulnerability
ZDI-25-928
ZDI-CAN-26824
CVE-2025-57704
Delta Electronics EIP Builder EIP File Parsing XML External Entity Processing Information Disclosure Vulnerability
ZDI-25-927
ZDI-CAN-26843
CVE-2025-58320
Delta Electronics DIALink Directory Traversal Authentication Bypass Vulnerability
ZDI-25-926
ZDI-CAN-26827
CVE-2025-58321
Delta Electronics DIALink Directory Traversal Remote Code Execution Vulnerability
ZDI-25-925
ZDI-CAN-23861
Viessmann
CVE-2025-9494
Viessmann Vitogate 300 BN/MB vitogate.cgi form-0-2 Command Injection Remote Code Execution Vulnerability
ZDI-25-924
ZDI-CAN-26504
CVE-2025-9365
Fuji Electric FRENIC-Loader 4 EXTBM File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-923
ZDI-CAN-26503
Fuji Electric FRENIC-Loader 4 EXRTM File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-922
ZDI-CAN-26833
CVE-2025-9712
Ivanti Endpoint Manager EFile Directory Traversal Remote Code Execution Vulnerability
ZDI-25-921
ZDI-CAN-26375
Razer
CVE-2025-9870
Razer Synapse 3 RazerPhilipsHueUninstall Link Following Local Privilege Escalation Vulnerability
ZDI-25-920
ZDI-CAN-26373
CVE-2025-9871
Razer Synapse 3 Chroma Connect Link Following Local Privilege Escalation Vulnerability
ZDI-25-919
ZDI-CAN-26374
CVE-2025-9869
Razer Synapse 3 Macro Module Link Following Local Privilege Escalation Vulnerability
ZDI-25-918
ZDI-CAN-27382
CVE-2025-53609
Fortinet FortiWeb _cmf_get_config_file_path Directory Traversal Information Disclosure Vulnerability
ZDI-25-917
ZDI-CAN-27654
Linux
CVE-2025-38562
Linux Kernel ksmbd generate_key context.iov_base Null Pointer Dereference Denial-of-Service Vulnerability
ZDI-25-916
ZDI-CAN-27661
CVE-2025-38561
Linux Kernel ksmbd smb2_sess_setup Preauth_HashValue Race Condition Remote Code Execution Vulnerability
ZDI-25-915
ZDI-CAN-27561
CVE-2025-39698
Linux Kernel io_uring Futex Request Use-After-Free Local Privilege Escalation Vulnerability
ZDI-25-914
ZDI-CAN-27793
CVE-2025-10925
GIMP ILBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-913
ZDI-CAN-27836
CVE-2025-10924
GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability
ZDI-25-912
ZDI-CAN-27878
CVE-2025-10923
GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability
ZDI-25-911
ZDI-CAN-27863
CVE-2025-10922
GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-910
ZDI-CAN-27803
CVE-2025-10921
GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-909
ZDI-CAN-27684
CVE-2025-10920
GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-908
ZDI-CAN-27224
CVE-2025-8892
ZDI-25-907
ZDI-CAN-27557
CVE-2025-8354
Autodesk Revit RFA File Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-25-906
ZDI-CAN-26042
SolarWinds
CVE-2025-26399
SolarWinds Web Help Desk AjaxProxy Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-905
ZDI-CAN-26474
Gen Digital
CVE-2025-3025
Gen Digital CCleaner Link Following Local Privilege Escalation Vulnerability
ZDI-25-904
ZDI-CAN-27283
Dassault Systèmes
CVE-2025-9447
Dassault Systèmes eDrawings Viewer PAR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-903
ZDI-CAN-27332
CVE-2025-9449
Dassault Systèmes eDrawings Viewer PAR File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-902
ZDI-CAN-27467
CVE-2025-9450
Dassault Systèmes eDrawings Viewer JT File Parsing Uninitialized Variable Remote Code Execution Vulnerability
ZDI-25-901
ZDI-CAN-27586
CVE-2025-43368
Apple Safari IPC Connection Invalidation Use-After-Free Information Disclosure Vulnerability
ZDI-25-900
ZDI-CAN-27407
CVE-2025-43346
Apple macOS OGG Audio File Header Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-899
ZDI-CAN-27286
CVE-2025-43349
Apple macOS Audio APAC Frame Decoding Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-898
ZDI-CAN-25289
CVE-2025-53418
Delta Electronics COMMGR Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-897
ZDI-CAN-22241
Avira
CVE-2024-13759
Avira Prime Link Following Local Privilege Escalation Vulnerability
ZDI-25-896
ZDI-CAN-26892
Wondershare
CVE-2025-10644
(0Day) Wondershare Repairit SAS Token Incorrect Permission Assignment Authentication Bypass Vulnerability
ZDI-25-895
ZDI-CAN-26902
CVE-2025-10643
(0Day) Wondershare Repairit Incorrect Permission Assignment Authentication Bypass Vulnerability
ZDI-25-894
ZDI-CAN-26583
Digilent
CVE-2025-10203
Digilent WaveForms DWF3WORK File Parsing Directory Traversal Remote Code Execution Vulnerability
ZDI-25-893
ZDI-CAN-26692
CVE-2025-40762
Siemens Simcenter Femap STP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-892
ZDI-CAN-24739
Microsoft .NET IsTypeAuthorized Deserialization of Untrusted Data Denial-of-Service Vulnerability
ZDI-25-891
ZDI-CAN-26640
CVE-2025-57778
(0Day) Digilent DASYLab DSB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-890
ZDI-CAN-26615
CVE-2025-57777
ZDI-25-889
ZDI-CAN-26614
CVE-2025-57776
ZDI-25-888
ZDI-CAN-26613
CVE-2025-57775
(0Day) Digilent DASYLab DSB File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-887
ZDI-CAN-26612
CVE-2025-57774
ZDI-25-886
ZDI-CAN-26582
CVE-2025-9189
(0Day) Digilent DASYLab DSB File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-885
ZDI-CAN-26581
CVE-2025-9188
ZDI-25-884
ZDI-CAN-27261
QEMU
CVE-2025-8860
QEMU uefi-vars Uninitialized Memory Information Disclosure Vulnerability
ZDI-25-883
ZDI-CAN-26552
Realtek
CVE-2025-8300
Realtek rtl81xx SDK Wi-Fi Driver rtwlanu Heap-based Buffer Overflow Local Privilege Escalation Vulnerability
ZDI-25-882
ZDI-CAN-25857
CVE-2025-8299
Realtek rtl81xx SDK Wi-Fi Driver MgntActSet_TEREDO_SET_RS_PACKET Heap-based Buffer Overflow Local Privilege Escalation Vulnerability
ZDI-25-881
ZDI-CAN-25864
CVE-2025-8298
Realtek RTL8811AU rtwlanu.sys N6CQueryInformationHandleCustomized11nOids Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-880
ZDI-CAN-24786
CVE-2025-8301
Realtek RTL8811AU rtwlanu.sys N6CSet_DOT11_CIPHER_DEFAULT_KEY Heap-based Buffer Overflow Local Privilege Escalation Vulnerability
ZDI-25-879
ZDI-CAN-26553
CVE-2025-8302
ZDI-25-878
ZDI-CAN-26523
CVE-2025-43283
Apple macOS AppleIntelKBLGraphics Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-877
ZDI-CAN-25875
CVE-2025-53419
Delta Electronics ISPSoft ISP File Parsing Improper Control of Dynamically-Managed Code Remote Code Execution Vulnerability
ZDI-25-876
ZDI-CAN-26744
CVE-2025-25175
Siemens Simcenter Femap NEU File Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-25-875
ZDI-CAN-26747
ZDI-25-874
ZDI-CAN-26748
ZDI-25-873
ZDI-CAN-27504
CVE-2025-38563
Linux Kernel perf Subsystem AUX Buffers Use-After-Free Local Privilege Escalation Vulnerability
ZDI-25-872
ZDI-CAN-27129
TeamViewer
CVE-2025-44002
TeamViewer Link Following Denial-of-Service Vulnerability
ZDI-25-871
ZDI-CAN-25847
QNAP
CVE-2024-13087
(Pwn2Own) QNAP QHora-322 miro_webserver_lib_RunExecBash Command Injection Remote Code Execution Vulnerability
ZDI-25-870
ZDI-CAN-25709
CVE-2025-9330
Foxit PDF Reader Update Service Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-25-869
ZDI-CAN-27101
CVE-2025-9323
Foxit PDF Reader JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-868
ZDI-CAN-26802
CVE-2025-9324
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-867
ZDI-CAN-26785
CVE-2025-9325
ZDI-25-866
ZDI-CAN-26784
CVE-2025-9326
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-865
ZDI-CAN-26774
CVE-2025-9327
ZDI-25-864
ZDI-CAN-26773
CVE-2025-9328
ZDI-25-863
ZDI-CAN-26772
CVE-2025-9329
ZDI-25-862
ZDI-CAN-27085
CVE-2025-5048
Autodesk AutoCAD DGN File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-861
ZDI-CAN-27084
CVE-2025-5047
Autodesk AutoCAD DGN File Parsing Uninitialized Variable Remote Code Execution Vulnerability
ZDI-25-860
ZDI-CAN-27083
CVE-2025-5046
Autodesk AutoCAD DGN File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-859
ZDI-CAN-26486
Firebird
CVE-2025-54989
Firebird SQL Database Server XDR Message Parsing NULL Pointer Dereference Denial-of-Service Vulnerability
ZDI-25-858
ZDI-CAN-25774
Axis Communications
Axis Communications Autodesk Plugin AzureBlobRestAPI axiscontentfiles Remote Code Execution Vulnerability
ZDI-25-857
ZDI-CAN-27433
CVE-2025-8297
Ivanti Avalanche FileStoreConfig Arbitrary File Upload Remote Code Execution Vulnerability
ZDI-25-856
ZDI-CAN-27134
CVE-2025-8296
Ivanti Avalanche getCountMuStatDevicePropResultsFromMuListAgentIds SQL Injection Remote Code Execution Vulnerability
ZDI-25-855
ZDI-CAN-22195
Cockroach Labs
CVE-2025-9276
Cockroach Labs cockroach-k8s-request-cert Empty Root Password Authentication Bypass Vulnerability
ZDI-25-854
ZDI-CAN-21655
Oxford Instruments
CVE-2025-9275
(0Day) Oxford Instruments Imaris Viewer IMS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-853
ZDI-CAN-21657
CVE-2025-9274
(0Day) Oxford Instruments Imaris Viewer IMS File Parsing Uninitialized Pointer Remote Code Execution Vulnerability
ZDI-25-852
ZDI-CAN-23950
CData
CVE-2025-9273
(0Day) CData API Server MySQL Misconfiguration Information Disclosure Vulnerability
ZDI-25-851
ZDI-CAN-27250
CVE-2025-23318
(Pwn2Own) NVIDIA Triton Inference Server IPC Push Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-850
ZDI-CAN-27249
CVE-2025-23333
(Pwn2Own) NVIDIA Triton Inference Server LoadFromSharedMemory Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-849
ZDI-CAN-27181
CVE-2025-23320
(Pwn2Own) NVIDIA Triton Inference Server SharedMemoryManager Error Message Information Disclosure Vulnerability
ZDI-25-848
ZDI-CAN-27209
CVE-2025-23296
ZDI-25-847
ZDI-CAN-27210
ZDI-25-846
ZDI-CAN-27058
CVE-2025-31281
Apple macOS USD importMeshJointWeights Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-845
ZDI-CAN-27174
CVE-2025-53132
(Pwn2Own) Microsoft Windows win32kfull Race Condition Local Privilege Escalation Vulnerability
ZDI-25-844
ZDI-CAN-27541
CVE-2025-53788
Microsoft Windows Subsystem for Linux WslCoreVm::Initialize Incorrect Privilege Management Information Disclosure Vulnerability
ZDI-25-843
ZDI-CAN-27188
CVE-2025-50168
(Pwn2Own) Microsoft Windows win32kbase Type Confusion Local Privilege Escalation Vulnerability
ZDI-25-842
ZDI-CAN-27171
CVE-2025-53156
(Pwn2Own) Microsoft Windows Exposed Dangerous Function Information Disclosure Vulnerability
ZDI-25-841
ZDI-CAN-27235
CVE-2025-53723
(Pwn2Own) Microsoft Windows 11 vhdmp Integer Overflow Local Privilege Escalation Vulnerability
ZDI-25-840
ZDI-CAN-27256
CVE-2025-53155
(Pwn2Own) Microsoft Windows 11 vhdmp Improper Validation of Array Index Local Privilege Escalation Vulnerability
ZDI-25-839
ZDI-CAN-26363
CVE-2025-53783
Microsoft Teams Real Time Media Manager Integer Underflow Remote Code Execution Vulnerability
ZDI-25-838
ZDI-CAN-27158
CVE-2025-50167
(Pwn2Own) Microsoft Windows 11 vhdmp Use-After-Free Local Privilege Escalation Vulnerability
ZDI-25-837
ZDI-CAN-26559
Rockwell Automation
CVE-2025-6377
Rockwell Automation Arena Simulation DOE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-836
ZDI-CAN-26556
CVE-2025-6376
ZDI-25-835
ZDI-CAN-26766
NoMachine
CVE-2025-8614
NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-25-834
ZDI-CAN-26141
CVE-2025-48071
ZDI-25-833
ZDI-CAN-27199
CVE-2025-23298
NVIDIA Transformers4Rec load_model_trainer_states_from_checkpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-832
ZDI-CAN-26478
CVE-2025-53417
Delta Electronics DIAView Directory Traversal Remote Code Execution Vulnerability
ZDI-25-831
ZDI-CAN-26477
Delta Electronics DIAView Directory Traversal Information Disclosure Vulnerability
ZDI-25-830
ZDI-CAN-26463
CVE-2025-54924
(0Day) Schneider Electric EcoStruxure Power Monitoring Expert GetPagesAsImages Server-Side Request Forgery Information Disclosure Vulnerability
ZDI-25-829
ZDI-CAN-26275
CVE-2025-54923
(0Day) Schneider Electric EcoStruxure Power Monitoring Expert GetFilteredSinkProvider Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-828
ZDI-CAN-26274
CVE-2025-54927
(0Day) Schneider Electric EcoStruxure Power Monitoring Expert HttpPostedFile Directory Traversal Remote Code Execution Vulnerability
ZDI-25-827
ZDI-CAN-26273
CVE-2025-54926
(0Day) Schneider Electric EcoStruxure Power Monitoring Expert GetTgmlContent Directory Traversal Information Disclosure Vulnerability
ZDI-25-826
ZDI-CAN-26464
CVE-2025-54925
(0Day) Schneider Electric EcoStruxure Power Monitoring Expert ExportDataAsXML Server-Side Request Forgery Information Disclosure Vulnerability
ZDI-25-825
ZDI-CAN-26281
Apple macOS AudioToolboxCore Audio Conversion Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-824
ZDI-CAN-26364
(0Day) Microsoft Windows Theme File Parsing Improper Input Validation NTLM Relay Vulnerability
ZDI-25-823
ZDI-CAN-26372
ZDI-25-822
ZDI-CAN-25207
(0Day) Microsoft SharePoint GetTransformer Unsafe Reflection Denial-of-Service Vulnerability
ZDI-25-821
ZDI-CAN-24974
(0Day) Microsoft Windows Internet Explorer Remote Code Execution Vulnerability
ZDI-25-820
ZDI-CAN-24831
(0Day) Microsoft SharePoint IsAuthorizedType Deserialization of Untrusted Data Information Disclosure and Denial-of-Service Vulnerability
ZDI-25-819
ZDI-CAN-24425
(0Day) Microsoft Windows NetBIOS Hostname SmartScreen Bypass Remote Code Execution Vulnerability
ZDI-25-818
ZDI-CAN-24078
(0Day) Microsoft Windows OneDrive SmartScreen Bypass Vulnerability
ZDI-25-817
ZDI-CAN-23584
(0Day) Microsoft Edge PDF NTLM Response Information Disclosure Vulnerability
ZDI-25-816
ZDI-CAN-23960
(0Day) Microsoft Azure AP5GC gNB-ID Use of Multiple Resources with Duplicate Identifier Denial-Of-Service Vulnerability
ZDI-25-815
ZDI-CAN-23990
(0Day) Microsoft Windows CAB File SmartScreen Bypass Vulnerability
ZDI-25-814
ZDI-CAN-23548
(0Day) Microsoft Windows MonikerLink Information Disclosure Vulnerability
ZDI-25-813
ZDI-CAN-23444
(0Day) Microsoft PowerShell TryModuleAutoLoading Directory Traversal Remote Code Execution Vulnerability
ZDI-25-812
ZDI-CAN-23938
(0Day) Microsoft Windows SmartScreen Bypass Remote Code Execution Vulnerability
ZDI-25-811
ZDI-CAN-23946
(0Day) Microsoft Office OfficeApps Unintended Proxy Information Disclosure Vulnerability
ZDI-25-810
ZDI-CAN-23945
(0Day) Microsoft Windows ZIP File Insufficient UI Warning Remote Code Execution Vulnerability
ZDI-25-809
ZDI-CAN-23450
(0Day) Microsoft Exchange PowerShell Exposed Dangerous Method NTLM Relay Vulnerability
ZDI-25-808
ZDI-CAN-26156
AOMEI
CVE-2025-8610
(0Day) AOMEI Cyber Backup Missing Authentication for Critical Function Remote Code Execution Vulnerability
ZDI-25-807
ZDI-CAN-26158
CVE-2025-8611
ZDI-25-806
ZDI-CAN-27059
CVE-2025-8612
(0Day) AOMEI Backupper Workstation Link Following Local Privilege Escalation Vulnerability
ZDI-25-805
ZDI-CAN-25892
Vacron
CVE-2025-8613
(0Day) Vacron Camera ping Command Injection Remote Code Execution Vulnerability
ZDI-25-804
ZDI-CAN-26355
Kenwood
CVE-2025-8656
(0Day) (Pwn2Own) Kenwood DMX958XR Protection Mechanism Failure Software Downgrade Vulnerability
ZDI-25-803
ZDI-CAN-26314
CVE-2025-8655
(0Day) (Pwn2Own) Kenwood DMX958XR libSystemLib Command injection Remote Code Execution Vulnerability
ZDI-25-802
ZDI-CAN-26313
CVE-2025-8654
(0Day) (Pwn2Own) Kenwood DMX958XR ReadMVGImage Command Injection Remote Code Execution Vulnerability
ZDI-25-801
ZDI-CAN-26312
CVE-2025-8653
(0Day) (Pwn2Own) Kenwood DMX958XR JKRadioService Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-800
ZDI-CAN-26311
CVE-2025-8652
(0Day) (Pwn2Own) Kenwood DMX958XR JKWifiService Command Injection Remote Code Execution Vulnerability
ZDI-25-799
ZDI-CAN-26307
CVE-2025-8651
ZDI-25-798
ZDI-CAN-26306
CVE-2025-8650
(0Day) (Pwn2Own) Kenwood DMX958XR libSystemLib Command Injection Remote Code Execution Vulnerability
ZDI-25-797
ZDI-CAN-26305
CVE-2025-8649
ZDI-25-796
ZDI-CAN-26271
CVE-2025-8648
(0Day) Kenwood DMX958XR Firmware Update Command Injection Vulnerability
ZDI-25-795
ZDI-CAN-26270
CVE-2025-8647
ZDI-25-794
ZDI-CAN-26269
CVE-2025-8646
ZDI-25-793
ZDI-CAN-26268
CVE-2025-8645
ZDI-25-792
ZDI-CAN-26267
CVE-2025-8644
ZDI-25-791
ZDI-CAN-26266
CVE-2025-8643
ZDI-25-790
ZDI-CAN-26265
CVE-2025-8642
ZDI-25-789
ZDI-CAN-26264
CVE-2025-8641
ZDI-25-788
ZDI-CAN-26263
CVE-2025-8640
ZDI-25-787
ZDI-CAN-26262
CVE-2025-8639
ZDI-25-786
ZDI-CAN-26261
CVE-2025-8638
ZDI-25-785
ZDI-CAN-26260
CVE-2025-8637
ZDI-25-784
ZDI-CAN-26259
CVE-2025-8636
ZDI-25-783
ZDI-CAN-26258
CVE-2025-8635
ZDI-25-782
ZDI-CAN-26257
CVE-2025-8634
ZDI-25-781
ZDI-CAN-26256
CVE-2025-8633
ZDI-25-780
ZDI-CAN-26255
CVE-2025-8632
ZDI-25-779
ZDI-CAN-26254
CVE-2025-8631
ZDI-25-778
ZDI-CAN-26253
CVE-2025-8630
ZDI-25-777
ZDI-CAN-26252
CVE-2025-8629
ZDI-25-776
ZDI-CAN-26064
CVE-2025-8628
ZDI-25-775
ZDI-CAN-25494
Google
(0Day) Google Chrome SwiftShader Out-Of-Bound Write Remote Code Execution Vulnerability
ZDI-25-774
ZDI-CAN-24741
(0Day) Google Drive ZIP File Mark-of-the-Web Bypass Remote Code Execution Vulnerability
ZDI-25-773
ZDI-CAN-24742
(0Day) Google Drive File Sharing Mark-of-the-Web Bypass Vulnerability
ZDI-25-772
ZDI-CAN-27855
CVE-2025-54987
Trend Micro Apex One Console Command Injection Remote Code Execution Vulnerability
ZDI-25-771
ZDI-CAN-27834
CVE-2025-54948
ZDI-25-770
ZDI-CAN-25335
Microsoft Skype Chromium Remote Code Execution Vulnerability
ZDI-25-769
ZDI-CAN-27088
NI
CVE-2025-7849
NI LabVIEW VI File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-768
ZDI-CAN-27081
CVE-2025-7848
ZDI-25-767
ZDI-CAN-26324
Alpine
CVE-2025-8477
(0Day) (Pwn2Own) Alpine iLX-507 vCard Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-766
ZDI-CAN-26357
CVE-2025-8480
(0Day) (Pwn2Own) Alpine iLX-507 Command Injection Remote Code Execution
ZDI-25-765
ZDI-CAN-26322
CVE-2025-8476
(0Day) (Pwn2Own) Alpine iLX-507 TIDAL Improper Certificate Validation Vulnerability
ZDI-25-764
ZDI-CAN-26321
CVE-2025-8475
(0Day) (Pwn2Own) Alpine iLX-507 AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-763
ZDI-CAN-26318
CVE-2025-8474
(0Day) (Pwn2Own) Alpine iLX-507 CarPlay Stack-based Buffer Overflow Code Execution Vulnerability
ZDI-25-762
ZDI-CAN-26317
CVE-2025-8473
(0Day) (Pwn2Own) Alpine iLX-507 UPDM_wstpCBCUpdStart Command Injection Vulnerability
ZDI-25-761
ZDI-CAN-26316
CVE-2025-8472
ZDI-25-760
ZDI-CAN-25536
CVE-2024-50388
(Pwn2Own) QNAP TS-464 rsync Daemon Command Injection Remote Code Execution Vulnerability
ZDI-25-759
ZDI-CAN-25656
CVE-2024-50387
(Pwn2Own) QNAP TS-464 Log Tool SQL Injection Remote Code Execution Vulnerability
ZDI-25-758
ZDI-CAN-25612
(Pwn2Own) QNAP TS-464 Samba Command Argument Injection Vulnerability
ZDI-25-757
ZDI-CAN-25673
(Pwn2Own) QNAP QHora-322 tar Command Injection Remote Code Execution Vulnerability
ZDI-25-756
ZDI-CAN-25488
(Pwn2Own) QNAP QHora-322 Improper Restriction of Communication Channel to Intended Endpoints Vulnerability
ZDI-25-755
ZDI-CAN-25672
(Pwn2Own) QNAP QHora-322 qsyslog-cli username Format String Remote Code Execution Vulnerability
ZDI-25-754
ZDI-CAN-25653
(Pwn2Own) QNAP TS-464 privWizard.cgi Authentication CRLF Injection Privilege Escalation Vulnerability
ZDI-25-753
ZDI-CAN-25482
(Pwn2Own) QNAP TS-464 Improper Handling of URL Encoding Authentication Bypass Vulnerability
ZDI-25-752
ZDI-CAN-25667
(Pwn2Own) QNAP QHora-322 gRPC WAN_ADDR6 Command Injection Remote Code Execution Vulnerability
ZDI-25-751
ZDI-CAN-25625
(Pwn2Own) QNAP QHora-322 IPv6 Incorrectly Specified Destination in a Communication Channel Network Spoofing Vulnerability
ZDI-25-750
ZDI-CAN-25624
(Pwn2Own) QNAP QHora-322 lionic_dpi parseMIME Out-of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-749
ZDI-CAN-25596
(Pwn2Own) QNAP QHora-322 qfirewall Improper Restriction of Communication Channel to Intended Endpoints Firewall Bypass Vulnerability
ZDI-25-748
ZDI-CAN-25657
(Pwn2Own) QNAP QHora-322 system.db Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability
ZDI-25-747
ZDI-CAN-25646
(Pwn2Own) QNAP TS-464 reset_password.cgi Hard-coded Cryptographic Key Authentication Bypass Vulnerability
ZDI-25-746
ZDI-CAN-25645
(Pwn2Own) QNAP TS-464 reset_password.cgi Improper Certificate Validation Information Disclosure Vulnerability
ZDI-25-745
ZDI-CAN-25644
ZDI-25-744
ZDI-CAN-25483
(Pwn2Own) QNAP TS-464 reset_password.cgi Improper Certificate Validation Authentication Bypass Vulnerability
ZDI-25-743
ZDI-CAN-25585
(Pwn2Own) QNAP TS-464 qnap_exec Command Injection Privilege Escalation Vulnerability
ZDI-25-742
ZDI-CAN-25587
(Pwn2Own) QNAP TS-464 Active Directory Authentication Bypass Vulnerability
ZDI-25-741
ZDI-CAN-25580
CVE-2024-50389
(Pwn2Own) QNAP QHora-322 openvpn_cli user_name SQL Injection Authentication Bypass Vulnerability
ZDI-25-740
ZDI-CAN-25641
(Pwn2Own) QNAP QHora-322 backup Use of Hard-coded Cryptographic Key Privilege Escalation Vulnerability
ZDI-25-739
ZDI-CAN-25634
(Pwn2Own) QNAP QHora-322 Improper Restriction of Communication Channel to Intended Endpoints Remote Code Execution Vulnerability
ZDI-25-738
ZDI-CAN-25635
(Pwn2Own) QNAP QHora-322 SSH Use of Weak Credentials Authentication Bypass Vulnerability
ZDI-25-737
ZDI-CAN-25530
(Pwn2Own) QNAP QHora-322 do_fetch Improper Certificate Validation Vulnerability
ZDI-25-736
ZDI-CAN-25632
(Pwn2Own) QNAP QHora-322 access_setting HTTP Request Smuggling Vulnerability
ZDI-25-735
ZDI-CAN-25631
(Pwn2Own) QNAP QHora-322 local_pwd_reset HTTP Request Smuggling Vulnerability
ZDI-25-734
ZDI-CAN-25633
(Pwn2Own) QNAP QHora-322 IPMI Use of Weak Credentials Authentication Bypass Vulnerability
ZDI-25-733
ZDI-CAN-24915
Marvell
CVE-2025-8426
(0Day) Marvell QConvergeConsole compressConfigFiles Directory Traversal Information Disclosure and Denial-of-Service Vulnerability
ZDI-25-732
ZDI-CAN-25639
Lorex
CVE-2025-8389
(Pwn2Own) Lorex 2K Indoor Wi-Fi Security Camera Improper Validation of Array Index Remote Code Execution Vulnerability
ZDI-25-731
ZDI-CAN-25537
CVE-2024-52544
(Pwn2Own) Lorex 2K Indoor Wi-Fi Security Camera Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-730
ZDI-CAN-25647
CVE-2025-3132
ZDI-25-729
ZDI-CAN-23656
Canonical
CVE-2024-50126
(Pwn2Own) Canonical Ubuntu Kernel taprio Scheduler Race Condition Local Privilege Escalation Vulnerability
ZDI-25-728
ZDI-CAN-26782
CVE-2025-31239
Apple macOS MediaToolbox Framework Memory Corruption Remote Code Execution Vulnerability
ZDI-25-727
ZDI-CAN-25365
Apple macOS libFontValidation kern Table Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-726
ZDI-CAN-25355
CVE-2025-7993
(0Day) Ashlar-Vellum Cobalt LI File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-725
ZDI-CAN-26238
CVE-2025-8006
(0Day) Ashlar-Vellum Cobalt XE File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-724
ZDI-CAN-26233
CVE-2025-8002
(0Day) Ashlar-Vellum Cobalt CO File Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-25-723
ZDI-CAN-26236
CVE-2025-8004
ZDI-25-722
ZDI-CAN-26237
CVE-2025-8005
(0Day) Ashlar-Vellum Cobalt XE File Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-25-721
ZDI-CAN-26053
CVE-2025-8001
(0Day) Ashlar-Vellum Cobalt CO File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-720
ZDI-CAN-26235
CVE-2025-8003
(0Day) Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-719
ZDI-CAN-26045
CVE-2025-7997
ZDI-25-718
ZDI-CAN-26051
CVE-2025-8000
(0Day) Ashlar-Vellum Cobalt LI File Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-25-717
ZDI-CAN-25981
CVE-2025-7995
ZDI-25-716
ZDI-CAN-25982
CVE-2025-7996
(0Day) Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-715
ZDI-CAN-26046
CVE-2025-7998
(0Day) Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-714
ZDI-CAN-25976
CVE-2025-7994
(0Day) Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-713
ZDI-CAN-26049
CVE-2025-7999
(0Day) Ashlar-Vellum Cobalt AR File Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-25-712
ZDI-CAN-26299
Tesla
CVE-2025-8321
(Pwn2Own) Tesla Wall Connector Firmware Downgrade Vulnerability
ZDI-25-711
ZDI-CAN-26300
CVE-2025-8320
(Pwn2Own) Tesla Wall Connector Content-Length Header Improper Input Validation Remote Code Execution Vulnerability
ZDI-25-710
ZDI-CAN-24672
CVE-2024-45710
SolarWinds Platform SolarWindsAgent64 Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-25-709
ZDI-CAN-27217
CVE-2025-43214
Apple Safari JavaScriptCore WasmToJSException Type Confusion Remote Code Execution Vulnerability
ZDI-25-708
ZDI-CAN-22536
Mozilla
CVE-2024-3863
Mozilla Firefox Web Page Download Mark-Of-The-Web Protection Mechanism Failure Vulnerability
ZDI-25-707
ZDI-CAN-23383
AVG
CVE-2024-13960
AVG TuneUp for PC TuneUp Service Link Following Local Privilege Escalation Vulnerability
ZDI-25-706
ZDI-CAN-27226
CVE-2025-7675
Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-705
ZDI-CAN-27225
CVE-2025-7497
Autodesk AutoCAD PRT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-704
ZDI-CAN-27223
CVE-2025-6637
ZDI-25-703
ZDI-CAN-27222
CVE-2025-6636
Autodesk AutoCAD PRT File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-702
ZDI-CAN-27253
CVE-2025-6635
ZDI-25-701
ZDI-CAN-27221
CVE-2025-6631
ZDI-25-700
ZDI-CAN-26927
CVE-2025-5038
Autodesk AutoCAD X_T File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-699
ZDI-CAN-26848
CVE-2025-5043
Autodesk AutoCAD 3DM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-698
ZDI-CAN-25548
Avast
CVE-2024-13962
Avast Cleanup Premium TuneupSvc Link Following Local Privilege Escalation Vulnerability
ZDI-25-697
ZDI-CAN-25498
CVE-2024-13959
AVG TuneUp for PC TuneupSvc Link Following Local Privilege Escalation Vulnerability
ZDI-25-696
ZDI-CAN-25549
CVE-2024-13961
ZDI-25-695
ZDI-CAN-25509
CVE-2024-13944
ZDI-25-694
ZDI-CAN-25406
CVE-2025-53416
Delta Electronics DTN Soft Project File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-693
ZDI-CAN-25570
Norton
Norton Utilities Ultimate NortonUtilitiesSvc Link Following Local Privilege Escalation Vulnerability
ZDI-25-692
ZDI-CAN-25015
CVE-2024-21273
Oracle VirtualBox VirtIO-SCSI Uninitialized Memory Information Disclosure Vulnerability
ZDI-25-691
ZDI-CAN-26915
CVE-2025-43221
Apple macOS USD importAnimations Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-690
ZDI-CAN-26909
Apple macOS USD importNodeAnimations Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-689
ZDI-CAN-27107
ZDI-25-688
ZDI-CAN-26966
ZDI-25-687
ZDI-CAN-26846
Apple macOS USD readAccessorDataToFloat Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-686
ZDI-CAN-26914
CVE-2025-43224
ZDI-25-685
ZDI-CAN-26853
ZDI-25-684
ZDI-CAN-26830
ZDI-25-683
ZDI-CAN-27105
CVE-2025-43264
ZDI-25-682
ZDI-CAN-26829
ZDI-25-681
ZDI-CAN-27287
CVE-2025-43210
ZDI-25-680
ZDI-CAN-27274
CVE-2025-43186
Apple macOS AudioToolbox MP4 File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-679
ZDI-CAN-27106
CVE-2025-43215
Apple macOS USD readColor Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-678
ZDI-CAN-27041
CVE-2025-43239
ZDI-25-677
ZDI-CAN-27036
CVE-2025-43218
Apple macOS USD CustomLoadImageData Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-676
ZDI-CAN-26978
CVE-2025-43219
Apple macOS USD importSkeletons Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-675
ZDI-CAN-26847
CVE-2025-31280
Apple macOS USD readAccessorInts Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-674
ZDI-CAN-26636
CVE-2025-43255
ZDI-25-673
ZDI-CAN-26616
CVE-2025-43209
Apple Safari getHourCycles Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-672
ZDI-CAN-25806
Samsung
CVE-2025-54442
Samsung MagicINFO 9 Server filenameHasExecutableType Unrestricted File Upload Remote Code Execution Vulnerability
ZDI-25-671
ZDI-CAN-25978
CVE-2025-54455
Samsung MagicINFO 9 Server PremiumClientService Hard-coded Cryptographic Key Authentication Bypass Vulnerability
ZDI-25-670
ZDI-CAN-25839
CVE-2025-54454
ZDI-25-669
ZDI-CAN-25802
CVE-2025-54453
Samsung MagicINFO 9 Server FtpMetaUploadServlet Directory Traversal Remote Code Execution Vulnerability
ZDI-25-668
ZDI-CAN-25800
CVE-2025-54452
Samsung MagicINFO 9 Server ServletAuthenticationProcessingFilter Authentication Bypass Vulnerability
ZDI-25-667
ZDI-CAN-26058
CVE-2025-54451
Samsung MagicINFO 9 Server MagicInfoCache Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-666
ZDI-CAN-26057
CVE-2025-54450
Samsung MagicINFO 9 Server DeviceLogUploadServlet Directory Traversal Remote Code Execution Vulnerability
ZDI-25-665
ZDI-CAN-25873
CVE-2025-54449
Samsung MagicINFO 9 Server fillLftOrLfdInfo Unrestricted File Upload Remote Code Execution Vulnerability
ZDI-25-664
ZDI-CAN-25874
CVE-2025-54448
Samsung MagicINFO 9 Server copyResourceToFile Unrestricted File Upload Remote Code Execution Vulnerability
ZDI-25-663
ZDI-CAN-25885
CVE-2025-54447
Samsung MagicINFO 9 Server OpenApiController Unrestricted File Upload Remote Code Execution Vulnerability
ZDI-25-662
ZDI-CAN-25955
CVE-2025-54446
Samsung MagicINFO 9 Server ResponseUploadActivity Directory Traversal Remote Code Execution Vulnerability
ZDI-25-661
ZDI-CAN-25860
CVE-2025-54445
Samsung MagicINFO 9 Server parseXMLString XML External Entity Processing Information Disclosure Vulnerability
ZDI-25-660
ZDI-CAN-25804
CVE-2025-54444
ZDI-25-659
ZDI-CAN-25772
CVE-2025-54443
Samsung MagicINFO 9 Server SWUpdateFileUploadServlet Directory Traversal Remote Code Execution Vulnerability
ZDI-25-658
ZDI-CAN-25807
CVE-2025-54441
Samsung MagicINFO 9 Server getFontFileFromMagicInfoServer Unrestricted File Upload Remote Code Execution Vulnerability
ZDI-25-657
ZDI-CAN-26519
CVE-2025-54440
Samsung MagicINFO 9 Server MagicInfoWebAuthorClient Unrestricted File Upload Remote Code Execution Vulnerability
ZDI-25-656
ZDI-CAN-25809
CVE-2025-54439
Samsung MagicINFO 9 Server getZipFileListForImport Unrestricted File Upload Remote Code Execution Vulnerability
ZDI-25-655
ZDI-CAN-26520
CVE-2025-54438
Samsung MagicINFO 9 Server downloadChangedFiles Directory Traversal Authentication Bypass Vulnerability
ZDI-25-654
ZDI-CAN-26280
CVE-2025-26397
SolarWinds TFTP Server Deserialization of Untrusted Data Local Privilege Escalation Vulnerability
ZDI-25-653
ZDI-CAN-27791
CVE-2025-53770
(Pwn2Own) Microsoft SharePoint Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-652
ZDI-CAN-27790
CVE-2025-53771
(Pwn2Own) Microsoft SharePoint ToolPane Authentication Bypass Vulnerability
ZDI-25-651
ZDI-CAN-27159
Red Hat
CVE-2025-38350
(Pwn2Own) Red Hat Enterprise Linux CBS Packet Scheduling Use-After-Free Local Privilege Escalation Vulnerability
ZDI-25-650
ZDI-CAN-26647
ATEN
CVE-2025-6685
ATEN eco DC Missing Authorization Privilege Escalation Vulnerability
ZDI-25-649
ZDI-CAN-25685
CVE-2025-24287
Veeam Agent for Microsoft Windows Incorrect Default Permissions Local Privilege Escalation Vulnerability
ZDI-25-648
ZDI-CAN-26882
CVE-2025-7976
Anritsu ShockLine CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-647
ZDI-CAN-26913
CVE-2025-7975
Anritsu ShockLine CHX File Parsing Directory Traversal Remote Code Execution Vulnerability
ZDI-25-646
ZDI-CAN-26780
Amazon
CVE-2025-8069
Amazon AWS Client VPN Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-25-645
ZDI-CAN-27254
CVE-2025-5037
Autodesk Revit RFA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-644
ZDI-CAN-25862
CVE-2025-7988
(0Day) Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-643
ZDI-CAN-25945
CVE-2025-7991
(0Day) Ashlar-Vellum Cobalt VC6 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-642
ZDI-CAN-25972
CVE-2025-7992
ZDI-25-641
ZDI-CAN-25756
CVE-2025-7987
ZDI-25-640
ZDI-CAN-25943
CVE-2025-7989
ZDI-25-639
ZDI-CAN-25755
CVE-2025-7986
ZDI-25-638
ZDI-CAN-25944
CVE-2025-7990
(0Day) Ashlar-Vellum Cobalt VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-637
ZDI-CAN-25704
CVE-2025-7985
(0Day) Ashlar-Vellum Cobalt VC6 File Parsing Integer Overflow Remote Code Execution Vulnerability
ZDI-25-636
ZDI-CAN-25700
CVE-2025-7984
(0Day) Ashlar-Vellum Cobalt AR File Parsing Uninitialized Variable Remote Code Execution Vulnerability
ZDI-25-635
ZDI-CAN-25477
CVE-2025-7983
(0Day) Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-634
ZDI-CAN-25475
CVE-2025-7981
(0Day) Ashlar-Vellum Graphite VC6 File Parsing Uninitialized Variable Remote Code Execution Vulnerability
ZDI-25-633
ZDI-CAN-25463
CVE-2025-7979
(0Day) Ashlar-Vellum Graphite VC6 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-632
ZDI-CAN-25459
CVE-2025-7978
ZDI-25-631
ZDI-CAN-25465
CVE-2025-7980
ZDI-25-630
ZDI-CAN-25476
CVE-2025-7982
(0Day) Ashlar-Vellum Cobalt LI File Parsing Integer Overflow Remote Code Execution Vulnerability
ZDI-25-629
ZDI-CAN-25354
CVE-2025-7977
(0Day) Ashlar-Vellum Cobalt LI File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-628
ZDI-CAN-26346
Phoenix Contact
CVE-2025-25271
(Pwn2Own) Phoenix Contact CHARX SEC-3150 OCPP Authentication Bypass Vulnerability
ZDI-25-627
ZDI-CAN-26517
rocket.chat
CVE-2025-7974
rocket.chat Incorrect Authorization Information Disclosure Vulnerability
ZDI-25-626
ZDI-CAN-27193
CVE-2025-23266
(Pwn2Own) NVIDIA Container Toolkit Environment Variable Handling Local Privilege Escalation Vulnerability
ZDI-25-625
ZDI-CAN-26062
CVE-2025-24286
Veeam Backup Enterprise Manager JobManagmentService Improper Access Control Remote Code Execution Vulnerability
ZDI-25-624
ZDI-CAN-23328
CVE-2024-25995
(Pwn2Own) Phoenix Contact CHARX SEC-3100 Command Injection Remote Code Execution Vulnerability
ZDI-25-623
ZDI-CAN-26332
CVE-2025-25270
(Pwn2Own) Phoenix Contact CHARX SEC-3150 Origin Validation Error Firewall Bypass Vulnerability
ZDI-25-622
ZDI-CAN-26331
CVE-2025-25268
(Pwn2Own) Phoenix Contact CHARX SEC-3150 Configuration Service Missing Authentication Vulnerability
ZDI-25-621
ZDI-CAN-26350
CVE-2025-25269
(Pwn2Own) Phoenix Contact CHARX SEC-3150 DHCP Configuration Command Injection Remote Code Execution Vulnerability
ZDI-25-620
ZDI-CAN-26901
CVE-2025-6973
Dassault Systèmes eDrawings Viewer JT File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-619
ZDI-CAN-26813
CVE-2025-0831
Dassault Systèmes eDrawings Viewer JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-618
ZDI-CAN-26895
CVE-2025-6974
ZDI-25-617
ZDI-CAN-26971
CVE-2025-6972
Dassault Systèmes eDrawings Viewer CATPRODUCT File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-616
ZDI-CAN-26975
CVE-2025-6971
ZDI-25-615
ZDI-CAN-27117
CVE-2025-7042
Dassault Systèmes eDrawings Viewer IPT File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-614
ZDI-CAN-25791
Hewlett Packard Enterprise
CVE-2025-37107
Hewlett Packard Enterprise AutoPass License Server Authentication Bypass Vulnerability
ZDI-25-613
ZDI-CAN-25790
CVE-2025-37106
Hewlett Packard Enterprise AutoPass License Server Hard-coded Credentials Authentication Bypass Vulnerability
ZDI-25-612
ZDI-CAN-25789
CVE-2025-37105
Hewlett Packard Enterprise AutoPass License Server Hard-coded Credentials Remote Code Execution Vulnerability
ZDI-25-611
ZDI-CAN-27123
VMware
CVE-2025-41239
VMware ESXi VMCI Uninitialized Memory Information Disclosure Vulnerability
ZDI-25-610
ZDI-CAN-27391
CVE-2025-38191
Linux Kernel ksmbd destroy_previous_session Null Pointer Dereference Denial-of-Service Vulnerability
ZDI-25-609
ZDI-CAN-27121
CVE-2025-20281
Cisco Identity Services Engine invokeStrongSwanShellScript Command Injection Remote Code Execution Vulnerability
ZDI-25-608
ZDI-CAN-26483
CVE-2025-20282
Cisco Identity Services Engine handleFilesUpload Unrestricted File Upload Remote Code Execution Vulnerability
ZDI-25-607
ZDI-CAN-26481
CVE-2025-20337
Cisco Identity Services Engine enableStrongSwanTunnel Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-606
ZDI-CAN-26482
CVE-2025-20284
Cisco Identity Services Engine handleStrongSwanTunnelStatus Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-605
ZDI-CAN-26480
CVE-2025-20285
Cisco Identity Services Engine IpAccessFilter Direct Request Authentication Bypass Vulnerability
ZDI-25-604
ZDI-CAN-26479
CVE-2025-20283
Cisco Identity Services Engine disableStrongSwanTunnel Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-603
ZDI-CAN-27152
Autodesk Revit RTE File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-602
ZDI-CAN-27154
CVE-2025-53027
(Pwn2Own) Oracle VirtualBox OHCI USB Controller Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
ZDI-25-601
ZDI-CAN-27122
CVE-2025-53024
(Pwn2Own) Oracle VirtualBox VMSVGA Integer Overflow Local Privilege Escalation Vulnerability
ZDI-25-600
ZDI-CAN-27163
CVE-2025-53028
(Pwn2Own) Oracle VirtualBox VMSVGA Out-Of-Bounds Write Local Privilege Escalation Vulnerability
ZDI-25-599
ZDI-CAN-26653
CVE-2025-53026
Oracle VirtualBox LSILogic Uninitialized Memory Information Disclosure Vulnerability
ZDI-25-598
ZDI-CAN-26654
CVE-2025-53025
Oracle VirtualBox BusLogic Uninitialized Memory Information Disclosure Vulnerability
ZDI-25-597
ZDI-CAN-26922
ZDI-25-596
ZDI-CAN-26917
CVE-2025-5040
Autodesk Revit RTE File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-595
ZDI-CAN-27098
ZDI-25-594
ZDI-CAN-26963
ZDI-25-593
ZDI-CAN-26925
Autodesk Revit RVT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-592
ZDI-CAN-26923
Autodesk Revit RVT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-591
ZDI-CAN-26161
CVE-2025-53415
Delta Electronics DTM Soft BIN File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-590
ZDI-CAN-26240
G DATA
CVE-2025-2790
G DATA Total Security GDTunerSvc Link Following Local Privilege Escalation Vulnerability
ZDI-25-589
ZDI-CAN-25342
CVE-2025-53378
Trend Micro Worry-Free Business Security Missing Authentication Vulnerability
ZDI-25-588
ZDI-CAN-26484
ZDI-25-587
ZDI-CAN-26473
Luxion
CVE-2025-7222
Luxion KeyShot 3DM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-586
ZDI-CAN-25729
CVE-2025-52837
Trend Micro Password Manager Link Following Local Privilege Escalation Vulnerability
ZDI-25-585
ZDI-CAN-26887
CVE-2025-52521
Trend Micro Maximum Security Link Following Local Privilege Escalation Vulnerability
ZDI-25-584
ZDI-CAN-27167
CVE-2025-49727
ZDI-25-583
ZDI-CAN-26791
CVE-2025-49732
ZDI-25-582
ZDI-CAN-27246
CVE-2025-49740
Microsoft Windows Startup Folder SmartScreen Bypass Vulnerability
ZDI-25-581
ZDI-CAN-27247
CVE-2025-49704
(Pwn2Own) Microsoft SharePoint DataSetSurrogateSelector Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-580
ZDI-CAN-27162
CVE-2025-49706
ZDI-25-579
ZDI-CAN-26249
CVE-2025-47993
Microsoft PC Manager Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-25-578
ZDI-CAN-26768
CVE-2025-49742
Microsoft Windows win32kfull Integer Overflow Local Privilege Escalation Vulnerability
ZDI-25-577
ZDI-CAN-26358
CVE-2025-48820
Microsoft Windows AppX Deployment Service Link Following Local Privilege Escalation Vulnerability
ZDI-25-576
ZDI-CAN-26572
CVE-2025-40738
Siemens SINEC NMS uploadFWBinary Directory Traversal Remote Code Execution Vulnerability
ZDI-25-575
ZDI-CAN-26571
CVE-2025-40737
Siemens SINEC NMS unZipJarFilestoLocation Directory Traversal Remote Code Execution Vulnerability
ZDI-25-574
ZDI-CAN-26569
CVE-2025-40736
Siemens SINEC NMS reqToChangePassword Authentication Bypass Vulnerability
ZDI-25-573
ZDI-CAN-26376
IrfanView
CVE-2025-7299
IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-572
ZDI-CAN-26434
CVE-2025-7325
IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-571
ZDI-CAN-26430
CVE-2025-7324
IrfanView CADImage Plugin DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-570
ZDI-CAN-26428
CVE-2025-7323
ZDI-25-569
ZDI-CAN-26423
CVE-2025-7322
IrfanView CADImage Plugin DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-568
ZDI-CAN-26421
CVE-2025-7321
ZDI-25-567
ZDI-CAN-26418
CVE-2025-7320
ZDI-25-566
ZDI-CAN-26413
CVE-2025-7319
ZDI-25-565
ZDI-CAN-26412
CVE-2025-7318
ZDI-25-564
ZDI-CAN-26411
CVE-2025-7317
ZDI-25-563
ZDI-CAN-26410
CVE-2025-7316
ZDI-25-562
ZDI-CAN-26408
CVE-2025-7315
ZDI-25-561
ZDI-CAN-26400
CVE-2025-7314
ZDI-25-560
ZDI-CAN-26399
CVE-2025-7313
ZDI-25-559
ZDI-CAN-26398
CVE-2025-7312
ZDI-25-558
ZDI-CAN-26395
CVE-2025-7311
ZDI-25-557
ZDI-CAN-26391
CVE-2025-7309
ZDI-25-556
ZDI-CAN-26393
CVE-2025-7310
ZDI-25-555
ZDI-CAN-26389
CVE-2025-7308
ZDI-25-554
ZDI-CAN-26388
CVE-2025-7307
ZDI-25-553
ZDI-CAN-26387
CVE-2025-7306
ZDI-25-552
ZDI-CAN-26386
CVE-2025-7305
ZDI-25-551
ZDI-CAN-26385
CVE-2025-7304
ZDI-25-550
ZDI-CAN-26384
CVE-2025-7303
ZDI-25-549
ZDI-CAN-26381
CVE-2025-7302
ZDI-25-548
ZDI-CAN-26380
CVE-2025-7301
ZDI-25-547
ZDI-CAN-26377
CVE-2025-7300
ZDI-25-546
ZDI-CAN-26243
CVE-2025-7296
ZDI-25-545
ZDI-CAN-26244
CVE-2025-7297
ZDI-25-544
ZDI-CAN-26242
CVE-2025-7295
ZDI-25-543
ZDI-CAN-26230
CVE-2025-7294
ZDI-25-542
ZDI-CAN-26246
CVE-2025-7298
ZDI-25-541
ZDI-CAN-26229
CVE-2025-7293
ZDI-25-540
ZDI-CAN-26228
CVE-2025-7292
ZDI-25-539
ZDI-CAN-26227
CVE-2025-7291
ZDI-25-538
ZDI-CAN-26226
CVE-2025-7290
ZDI-25-537
ZDI-CAN-26221
CVE-2025-7285
ZDI-25-536
ZDI-CAN-26220
CVE-2025-7284
ZDI-25-535
ZDI-CAN-26225
CVE-2025-7289
ZDI-25-534
ZDI-CAN-26224
CVE-2025-7288
ZDI-25-533
ZDI-CAN-26223
CVE-2025-7287
ZDI-25-532
ZDI-CAN-26222
CVE-2025-7286
ZDI-25-531
ZDI-CAN-26219
CVE-2025-7283
ZDI-25-530
ZDI-CAN-26216
CVE-2025-7282
ZDI-25-529
ZDI-CAN-26215
CVE-2025-7281
ZDI-25-528
ZDI-CAN-26214
CVE-2025-7280
ZDI-25-527
ZDI-CAN-26213
CVE-2025-7279
IrfanView CADImage Plugin CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-526
ZDI-CAN-26211
CVE-2025-7278
ZDI-25-525
ZDI-CAN-26203
CVE-2025-7274
ZDI-25-524
ZDI-CAN-26209
CVE-2025-7277
ZDI-25-523
ZDI-CAN-26208
CVE-2025-7276
ZDI-25-522
ZDI-CAN-26204
CVE-2025-7275
ZDI-25-521
ZDI-CAN-26198
CVE-2025-7272
ZDI-25-520
ZDI-CAN-26193
CVE-2025-7271
ZDI-25-519
ZDI-CAN-26202
CVE-2025-7273
ZDI-25-518
ZDI-CAN-26189
CVE-2025-7270
ZDI-25-517
ZDI-CAN-26188
CVE-2025-7269
ZDI-25-516
ZDI-CAN-26182
CVE-2025-7268
ZDI-25-515
ZDI-CAN-26179
CVE-2025-7267
ZDI-25-514
ZDI-CAN-26174
CVE-2025-7266
ZDI-25-513
ZDI-CAN-26173
CVE-2025-7265
ZDI-25-512
ZDI-CAN-26171
CVE-2025-7264
ZDI-25-511
ZDI-CAN-26170
CVE-2025-7263
ZDI-25-510
ZDI-CAN-26132
CVE-2025-7262
ZDI-25-509
ZDI-CAN-26130
CVE-2025-7261
ZDI-25-508
ZDI-CAN-26129
CVE-2025-7260
IrfanView CADImage Plugin DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-507
ZDI-CAN-26127
CVE-2025-7258
IrfanView CADImage Plugin DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-506
ZDI-CAN-26085
CVE-2025-7239
ZDI-25-505
ZDI-CAN-26084
CVE-2025-7238
ZDI-25-504
ZDI-CAN-26083
CVE-2025-7237
ZDI-25-503
ZDI-CAN-26126
CVE-2025-7257
ZDI-25-502
ZDI-CAN-26119
CVE-2025-7256
ZDI-25-501
ZDI-CAN-26098
CVE-2025-7248
ZDI-25-500
ZDI-CAN-26118
CVE-2025-7255
ZDI-25-499
ZDI-CAN-26096
CVE-2025-7247
ZDI-25-498
ZDI-CAN-26095
CVE-2025-7246
ZDI-25-497
ZDI-CAN-26093
CVE-2025-7244
ZDI-25-496
ZDI-CAN-26113
CVE-2025-7254
ZDI-25-495
ZDI-CAN-26074
CVE-2025-7234
IrfanView CADImage Plugin CGM File Parsing Out-of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-494
ZDI-CAN-26072
CVE-2025-7233
IrfanView CADImage Plugin DWG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-493
ZDI-CAN-26112
CVE-2025-7253
ZDI-25-492
ZDI-CAN-26100
CVE-2025-7249
ZDI-25-491
ZDI-CAN-26091
CVE-2025-7243
ZDI-25-490
ZDI-CAN-26088
CVE-2025-7242
ZDI-25-489
ZDI-CAN-26087
CVE-2025-7241
ZDI-25-488
ZDI-CAN-26086
CVE-2025-7240
ZDI-25-487
ZDI-CAN-26080
CVE-2025-7236
ZDI-25-486
ZDI-CAN-26107
CVE-2025-7250
ZDI-25-485
ZDI-CAN-26075
CVE-2025-7235
ZDI-25-484
ZDI-CAN-26109
CVE-2025-7252
ZDI-25-483
ZDI-CAN-26108
CVE-2025-7251
ZDI-25-482
ZDI-CAN-25724
INVT
CVE-2025-7231
(0Day) INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-481
ZDI-CAN-25723
CVE-2025-7230
(0Day) INVT VT-Designer PM3 File Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-25-480
ZDI-CAN-25722
CVE-2025-7229
ZDI-25-479
ZDI-CAN-25571
CVE-2025-7228
ZDI-25-478
ZDI-CAN-25550
CVE-2025-7227
ZDI-25-477
ZDI-CAN-25048
CVE-2025-7226
(0Day) INVT HMITool VPM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-476
ZDI-CAN-25047
CVE-2025-7225
ZDI-25-475
ZDI-CAN-25045
CVE-2025-7224
ZDI-25-474
ZDI-CAN-25044
CVE-2025-7223
ZDI-25-473
ZDI-CAN-25039
CVE-2025-6812
Parallels Client Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-25-472
ZDI-CAN-26720
CVE-2025-47726
Delta Electronics CNCSoft Screen Editor DPB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-471
ZDI-CAN-26842
CVE-2025-47727
ZDI-25-470
ZDI-CAN-26719
CVE-2025-47725
ZDI-25-469
ZDI-CAN-26718
CVE-2025-47724
ZDI-25-468
ZDI-CAN-26061
GFI
CVE-2019-18935, CVE-2017-11317, CVE-2014-2217
GFI Archiver Telerik Web UI Remote Code Execution Vulnerability
ZDI-25-467
ZDI-CAN-27381
GStreamer
CVE-2025-6663
GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-466
ZDI-CAN-25218
CVE-2025-6809
(0Day) Marvell QConvergeConsole readNICParametersFromFile Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-465
ZDI-CAN-25217
CVE-2025-6808
(0Day) Marvell QConvergeConsole readObjectFromConfigFile Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-464
ZDI-CAN-24922
CVE-2025-6802
(0Day) Marvell QConvergeConsole getFileFromURL Unrestricted File Upload Remote Code Execution Vulnerability
ZDI-25-463
ZDI-CAN-24980
CVE-2025-6807
(0Day) Marvell QConvergeConsole getDriverTmpPath Directory Traversal Information Disclosure Vulnerability
ZDI-25-462
ZDI-CAN-24979
CVE-2025-6806
(0Day) Marvell QConvergeConsole decryptFile Directory Traversal Arbitrary File Write Vulnerability
ZDI-25-461
ZDI-CAN-24925
CVE-2025-6805
(0Day) Marvell QConvergeConsole deleteEventLogFile Directory Traversal Arbitrary File Deletion Vulnerability
ZDI-25-460
ZDI-CAN-24921
CVE-2025-6801
(0Day) Marvell QConvergeConsole saveNICParamsToFile Directory Traversal Arbitrary File Write Vulnerability
ZDI-25-459
ZDI-CAN-24920
CVE-2025-6800
(0Day) Marvell QConvergeConsole restoreESwitchConfig Directory Traversal Information Disclosure Vulnerability
ZDI-25-458
ZDI-CAN-24919
CVE-2025-6799
(0Day) Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure Vulnerability
ZDI-25-457
ZDI-CAN-24918
CVE-2025-6798
(0Day) Marvell QConvergeConsole deleteAppFile Directory Traversal Arbitrary File Deletion Vulnerability
ZDI-25-456
ZDI-CAN-24917
CVE-2025-6797
ZDI-25-455
ZDI-CAN-24914
CVE-2025-6795
(0Day) Marvell QConvergeConsole getFileUploadSize Directory Traversal Information Disclosure Vulnerability
ZDI-25-454
ZDI-CAN-24913
CVE-2025-6794
(0Day) Marvell QConvergeConsole saveAsText Directory Traversal Remote Code Execution Vulnerability
ZDI-25-453
ZDI-CAN-24924
CVE-2025-6804
(0Day) Marvell QConvergeConsole compressFirmwareDumpFiles Directory Traversal Information Disclosure Vulnerability
ZDI-25-452
ZDI-CAN-24923
CVE-2025-6803
(0Day) Marvell QConvergeConsole compressDriverFiles Directory Traversal Information Disclosure Vulnerability
ZDI-25-451
ZDI-CAN-24916
CVE-2025-6796
(0Day) Marvell QConvergeConsole getAppFileBytes Directory Traversal Information Disclosure Vulnerability
ZDI-25-450
ZDI-CAN-24912
CVE-2025-6793
(0Day) Marvell QConvergeConsole QLogicDownloadImpl Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability
ZDI-25-449
ZDI-CAN-25397
Mescius
CVE-2025-6811
(0Day) Mescius ActiveReports.NET TypeResolutionService Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-448
ZDI-CAN-25246
CVE-2025-6810
(0Day) Mescius ActiveReports.NET ReadValue Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-447
ZDI-CAN-26985
PDF-XChange
CVE-2025-6662
PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-446
ZDI-CAN-26823
CVE-2025-6661
PDF-XChange Editor App Object Use-After-Free Remote Code Execution Vulnerability
ZDI-25-445
ZDI-CAN-26734
CVE-2025-6659
PDF-XChange Editor PRC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-444
ZDI-CAN-26733
CVE-2025-6658
ZDI-25-443
ZDI-CAN-26763
CVE-2025-6660
PDF-XChange Editor GIF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-442
ZDI-CAN-26732
CVE-2025-6657
ZDI-25-441
ZDI-CAN-26731
CVE-2025-6656
ZDI-25-440
ZDI-CAN-26730
CVE-2025-6655
ZDI-25-439
ZDI-CAN-26729
CVE-2025-6654
ZDI-25-438
ZDI-CAN-26726
CVE-2025-6653
ZDI-25-437
ZDI-CAN-26724
CVE-2025-6652
ZDI-25-436
ZDI-CAN-26713
CVE-2025-6651
PDF-XChange Editor JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-435
ZDI-CAN-26712
CVE-2025-6650
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-434
ZDI-CAN-26709
CVE-2025-6649
ZDI-25-433
ZDI-CAN-26671
CVE-2025-6648
ZDI-25-432
ZDI-CAN-26644
CVE-2025-6647
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-431
ZDI-CAN-26643
CVE-2025-6646
PDF-XChange Editor U3D File Parsing Use-After-Free Information Disclosure Vulnerability
ZDI-25-430
ZDI-CAN-26642
CVE-2025-6645
PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-429
ZDI-CAN-26536
CVE-2025-6644
ZDI-25-428
ZDI-CAN-26532
CVE-2025-6643
ZDI-25-427
ZDI-CAN-26530
CVE-2025-6642
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-426
ZDI-CAN-26528
CVE-2025-6641
ZDI-25-425
ZDI-CAN-26527
CVE-2025-6640
ZDI-25-424
ZDI-CAN-26415
Mikrotik
CVE-2025-6443
Mikrotik RouterOS VXLAN Source IP Improper Access Control Vulnerability
ZDI-25-423
ZDI-CAN-23719
Microsoft WinJS winjsdevelop Uncontrolled Search Path Element Remote Code Execution Vulnerability
ZDI-25-422
ZDI-CAN-24823
Microsoft Azure Machine Learning Environments Denial-of-Service Vulnerability
ZDI-25-421
ZDI-CAN-24622
Microsoft Azure App Services Information Disclosure Vulnerability
ZDI-25-420
ZDI-CAN-26241
PaperCut
CVE-2024-8404
PaperCut NG web-print-hot-folder Link Following Local Privilege Escalation Vulnerability
ZDI-25-419
ZDI-CAN-26660
CVE-2025-36537
TeamViewer Incorrect Permission Assignment Local Privilege Escalation Vulnerability
ZDI-25-418
ZDI-CAN-26498
CVE-2025-31196
Apple macOS CoreGraphics PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-417
ZDI-CAN-26010
Clam AntiVirus
CVE-2025-20234
Clam AntiVirus UDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-416
ZDI-CAN-25837
ServiceStack
CVE-2025-6445
ServiceStack FindType Directory Traversal Remote Code Execution Vulnerability
ZDI-25-415
ZDI-CAN-25834
CVE-2025-6444
ServiceStack GetErrorResponse Improper Input Validation NTLM Relay Vulnerability
ZDI-25-414
ZDI-CAN-21876
Ruby
CVE-2025-6442
Ruby WEBrick read_header HTTP Request Smuggling Vulnerability
ZDI-25-413
ZDI-CAN-26018
CVE-2025-41388
Fuji Electric Smart Editor TL5 File Parsing Stack-Based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-412
ZDI-CAN-26031
CVE-2025-41413
Fuji Electric Smart Editor X1 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-411
ZDI-CAN-26167
Delta Electronics CNCSoft-G2 DPAX File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-410
ZDI-CAN-27104
CVE-2025-6216
Allegra calculateTokenExpDate Password Recovery Authentication Bypass Vulnerability
ZDI-25-409
ZDI-CAN-27198
RARLAB
CVE-2025-6218
RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability
ZDI-25-408
ZDI-CAN-24161
PEAK-System
CVE-2025-6217
PEAK-System Driver PCANFD_ADD_FILTERS Time-Of-Check Time-Of-Use Information Disclosure Vulnerability
ZDI-25-407
ZDI-CAN-25346
CVE-2024-28988
ZDI-25-406
ZDI-CAN-25087
CVE-2024-45711
SolarWinds Serv-U FTP Service Directory Traversal Remote Code Execution Vulnerability
ZDI-25-405
ZDI-CAN-26024
Fuji Electric Smart Editor X1 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-404
ZDI-CAN-26022
ZDI-25-403
ZDI-CAN-26020
Fuji Electric Smart Editor V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-402
ZDI-CAN-25942
Fuji Electric Smart Editor TL5 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-401
ZDI-CAN-26028
Fuji Electric Smart Editor V10 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-400
ZDI-CAN-26032
CVE-2025-32412
Fuji Electric Smart Editor TL5 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-399
ZDI-CAN-26026
ZDI-25-398
ZDI-CAN-25876
CVE-2025-49384
Trend Micro Internet Security Platinum Host Service Link Following Local Privilege Escalation Vulnerability
ZDI-25-397
ZDI-CAN-25049
CVE-2025-3495
Delta Electronics COMMGR Insufficient Randomization Authentication Bypass Vulnerability
ZDI-25-396
ZDI-CAN-25916
CVE-2025-31353
Siemens TeleControl Server Basic UpdateOpcSettings SQL Injection Information Disclosure Vulnerability
ZDI-25-395
ZDI-CAN-25915
CVE-2025-31352
Siemens TeleControl Server Basic UpdateGateways SQL Injection Information Disclosure Vulnerability
ZDI-25-394
ZDI-CAN-25917
CVE-2025-31351
Siemens TeleControl Server Basic CreateProject SQL Injection Information Disclosure Vulnerability
ZDI-25-393
ZDI-CAN-25918
CVE-2025-31350
Siemens TeleControl Server Basic UpdateBufferingSettings SQL Injection Information Disclosure Vulnerability
ZDI-25-392
ZDI-CAN-25919
CVE-2025-31349
Siemens TeleControl Server Basic UpdateSmtpSettings SQL Injection Information Disclosure Vulnerability
ZDI-25-391
ZDI-CAN-25920
CVE-2025-31343
Siemens TeleControl Server Basic UpdateTcmSettings SQL Injection Information Disclosure Vulnerability
ZDI-25-390
ZDI-CAN-25921
CVE-2025-30032
Siemens TeleControl Server Basic UpdateDatabaseSettings SQL Injection Information Disclosure Vulnerability
ZDI-25-389
ZDI-CAN-25922
CVE-2025-30031
Siemens TeleControl Server Basic UpdateUsers SQL Injection Information Disclosure Vulnerability
ZDI-25-388
ZDI-CAN-25924
CVE-2025-30030
Siemens TeleControl Server Basic ImportDatabase SQL Injection Information Disclosure Vulnerability
ZDI-25-387
ZDI-CAN-25910
CVE-2025-30003
Siemens TeleControl Server Basic UpdateProjectConnections SQL Injection Information Disclosure Vulnerability
ZDI-25-386
ZDI-CAN-25909
CVE-2025-30002
Siemens TeleControl Server Basic UpdateConnectionVariables SQL Injection Information Disclosure Vulnerability
ZDI-25-385
ZDI-CAN-25923
CVE-2025-29905
Siemens TeleControl Server Basic RestoreFromBackup SQL Injection Remote Code Execution Vulnerability
ZDI-25-384
ZDI-CAN-25913
CVE-2025-27540
Siemens TeleControl Server Basic Authenticate SQL Injection Remote Code Execution Vulnerability
ZDI-25-383
ZDI-CAN-25914
CVE-2025-27539
Siemens TeleControl Server Basic VerifyUser SQL Injection Remote Code Execution Vulnerability
ZDI-25-382
ZDI-CAN-25912
CVE-2025-32475
Siemens TeleControl Server Basic UpdateProject SQL Injection Information Disclosure Vulnerability
ZDI-25-381
ZDI-CAN-25911
CVE-2025-27495
Siemens TeleControl Server Basic CreateTrace SQL Injection Remote Code Execution Vulnerability
ZDI-25-380
ZDI-CAN-25877
CVE-2025-49385
Trend Micro Maximum Security Platinum Host Service Link Following Local Privilege Escalation Vulnerability
ZDI-25-379
ZDI-CAN-25589
Ubiquiti Networks
CVE-2025-23117
(Pwn2Own) Ubiquiti Networks AI Bullet Insufficient Firmware Update Validation Remote Code Execution Vulnerability
ZDI-25-378
ZDI-CAN-25588
CVE-2025-23116
(Pwn2Own) Ubiquiti Networks UniFi Console Missing Authentication for Critical Function Authentication Bypass Vulnerability
ZDI-25-377
ZDI-CAN-25603
CVE-2025-23119
(Pwn2Own) Ubiquiti Networks AI Bullet Improper Neutralization of Escape Sequences Authentication Bypass Vulnerability
ZDI-25-376
ZDI-CAN-25666
CVE-2025-23118
(Pwn2Own) Ubiquiti Networks AI Bullet Improper Certificate Validation Authentication Bypass Vulnerability
ZDI-25-375
ZDI-CAN-25526
CVE-2025-49218
Trend Micro Endpoint Encryption ProcessWhereClause SQL Injection Privilege Escalation Vulnerability
ZDI-25-374
ZDI-CAN-25505
CVE-2025-49217
Trend Micro Endpoint Encryption ValidateToken Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-373
ZDI-CAN-25519
CVE-2025-49216
Trend Micro Endpoint Encryption DbAppDomain Authentication Bypass Vulnerability
ZDI-25-372
ZDI-CAN-25527
CVE-2025-49215
Trend Micro Endpoint Encryption GetGroupFilteredUsers SQL Injection Privilege Escalation Vulnerability
ZDI-25-371
ZDI-CAN-25518
CVE-2025-49212
Trend Micro Endpoint Encryption DeserializeFromBase64String Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-370
ZDI-CAN-25506
CVE-2025-49213
Trend Micro Endpoint Encryption PolicyServerWindowsService Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-369
ZDI-CAN-25507
Trend Micro Endpoint Encryption PolicyValueTableSerializationBinder Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-368
ZDI-CAN-25528
CVE-2025-49211
Trend Micro Endpoint Encryption BuildEnterpriseSearchString SQL Injection Privilege Escalation Vulnerability
ZDI-25-367
ZDI-CAN-25495
CVE-2025-49220
Trend Micro Apex Central ConvertFromJson Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-366
ZDI-CAN-25286
CVE-2025-49219
Trend Micro Apex Central GetReportDetailView Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-365
ZDI-CAN-25771
CVE-2025-49158
Trend Micro Apex One Security Agent ntrmv Uncontrolled Search Path Local Privilege Escalation Vulnerability
ZDI-25-364
ZDI-CAN-25273
CVE-2025-49157
Trend Micro Apex One Damage Cleanup Engine Link Following Local Privilege Escalation Vulnerability
ZDI-25-363
ZDI-CAN-24973
CVE-2025-49156
Trend Micro Apex One Virus Scan Engine Link Following Local Privilege Escalation Vulnerability
ZDI-25-362
ZDI-CAN-24571
CVE-2025-49155
Trend Micro Apex One Data Loss Prevention Uncontrolled Search Path Remote Code Execution Vulnerability
ZDI-25-361
ZDI-CAN-25574
CVE-2025-48443
ZDI-25-360
ZDI-CAN-23056
CVE-2025-49487
Trend Micro Worry-Free Business Security Uncontrolled Search Path Element Arbitrary Code Execution Vulnerability
ZDI-25-359
ZDI-CAN-26586
CVE-2025-47959
Microsoft Visual Studio initializeCommand Insufficient UI Warning Remote Code Execution Vulnerability
ZDI-25-358
ZDI-CAN-26285
Sony
CVE-2025-5820
(Pwn2Own) Sony XAV-AX8500 Bluetooth ERTM Channel Authentication Bypass Vulnerability
ZDI-25-357
ZDI-CAN-26284
CVE-2025-5476
(Pwn2Own) Sony XAV-AX8500 Bluetooth Improper Isolation Authentication Bypass Vulnerability
ZDI-25-356
ZDI-CAN-26290
CVE-2025-5479
(Pwn2Own) Sony XAV-AX8500 Bluetooth AVCTP Protocol Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-355
ZDI-CAN-26288
CVE-2025-5478
(Pwn2Own) Sony XAV-AX8500 Bluetooth SDP Protocol Integer Overflow Remote Code Execution Vulnerability
ZDI-25-354
ZDI-CAN-26286
CVE-2025-5477
(Pwn2Own) Sony XAV-AX8500 Bluetooth L2CAP Protocol Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-353
ZDI-CAN-26283
CVE-2025-5475
(Pwn2Own) Sony XAV-AX8500 Bluetooth Packet Handling Integer Overflow Remote Code Execution Vulnerability
ZDI-25-352
ZDI-CAN-26079
Pioneer
CVE-2025-5832
Pioneer DMH-WT7600NEX Software Update Signing Insufficient Verification of Data Authenticity Vulnerability
ZDI-25-351
ZDI-CAN-26078
CVE-2025-5834
Pioneer DMH-WT7600NEX Missing Immutable Root of Trust in Hardware Local Privilege Escalation Vulnerability
ZDI-25-350
ZDI-CAN-26077
CVE-2025-5833
Pioneer DMH-WT7600NEX Root Filesystem Insufficient Verification of Data Authenticity Vulnerability
ZDI-25-349
ZDI-CAN-26327
Autel
CVE-2025-5830
(Pwn2Own) Autel MaxiCharger AC Wallbox Commercial DLB_SlaveRegister Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-348
ZDI-CAN-26330
CVE-2025-5829
(Pwn2Own) Autel MaxiCharger AC Wallbox Commercial autocharge Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-347
ZDI-CAN-26328
CVE-2025-5828
(Pwn2Own) Autel MaxiCharger AC Wallbox Commercial wLength Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-346
ZDI-CAN-26369
CVE-2025-5827
(Pwn2Own) Autel MaxiCharger AC Wallbox Commercial ble_process_esp32_msg Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-345
ZDI-CAN-26368
CVE-2025-5826
(Pwn2Own) Autel MaxiCharger AC Wallbox Commercial ble_process_esp32_msg Misinterpretation of Input Vulnerability
ZDI-25-344
ZDI-CAN-26354
CVE-2025-5825
(Pwn2Own) Autel MaxiCharger AC Wallbox Commercial Firmware Downgrade Remote Code Execution Vulnerability
ZDI-25-343
ZDI-CAN-26353
CVE-2025-5824
(Pwn2Own) Autel MaxiCharger AC Wallbox Commercial Origin Validation Error Authentication Bypass Vulnerability
ZDI-25-342
ZDI-CAN-26352
(Pwn2Own) Autel MaxiCharger AC Wallbox Commercial PIN Missing Authentication Information Disclosure Vulnerability
ZDI-25-341
ZDI-CAN-26351
CVE-2025-5823
(Pwn2Own) Autel MaxiCharger AC Wallbox Commercial Serial Number Exposed Dangerous Method Information Disclosure Vulnerability
ZDI-25-340
ZDI-CAN-26325
CVE-2025-5822
(Pwn2Own) Autel MaxiCharger AC Wallbox Commercial Technician API Incorrect Authorization Privilege Escalation Vulnerability
ZDI-25-339
ZDI-CAN-25932
Jupyter
CVE-2025-30167
JupyterLab Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-25-338
ZDI-CAN-26593
CVE-2025-43574
Adobe Acrobat Reader DC Collab Object Use-After-Free Remote Code Execution Vulnerability
ZDI-25-337
ZDI-CAN-26777
CVE-2025-47112
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-336
ZDI-CAN-26590
CVE-2025-43573
ZDI-25-335
ZDI-CAN-26342
CVE-2025-43575
Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-334
ZDI-CAN-26776
CVE-2025-30394
Microsoft Windows Remote Desktop Gateway Service Null Pointer Dereference Denial-of-Service Vulnerability
ZDI-25-333
ZDI-CAN-26487
CVE-2025-32714
Microsoft Windows Installer Service Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-25-332
ZDI-CAN-26710
CVE-2025-33075
Microsoft Windows Installer Service Link Following Local Privilege Escalation Vulnerability
ZDI-25-331
ZDI-CAN-26852
CVE-2025-5036
Autodesk Revit RFA File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-330
ZDI-CAN-26292
WOLFBOX
CVE-2025-5751
(0Day) (Pwn2Own) WOLFBOX Level 2 EV Charger Management Card Hard-coded Credentials Authentication Bypass Vulnerability
ZDI-25-329
ZDI-CAN-26294
CVE-2025-5750
(0Day) (Pwn2Own) WOLFBOX Level 2 EV Charger tuya_svc_devos_activate_result_parse Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-328
ZDI-CAN-26295
CVE-2025-5749
(0Day) (Pwn2Own) WOLFBOX Level 2 EV Charger BLE Encryption Keys Uninitialized Variable Authentication Bypass Vulnerability
ZDI-25-327
ZDI-CAN-26349
CVE-2025-5748
(0Day) (Pwn2Own) WOLFBOX Level 2 EV Charger LAN OTA Exposed Dangerous Method Remote Code Execution Vulnerability
ZDI-25-326
ZDI-CAN-26501
CVE-2025-5747
(0Day) (Pwn2Own) WOLFBOX Level 2 EV Charger MCU Command Parsing Misinterpretation of Input Remote Code Execution Vulnerability
ZDI-25-325
ZDI-CAN-25954
CVE-2025-37099
Hewlett Packard Enterprise Insight Remote Support processAttachmentDataStream Directory Traversal Remote Code Execution Vulnerability
ZDI-25-324
ZDI-CAN-26168
CVE-2025-5481
Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-323
ZDI-CAN-26767
Action1
CVE-2025-5480
Action1 Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-25-322
ZDI-CAN-26962
2BrightSparks
CVE-2025-5474
2BrightSparks SyncBackFree Link Following Local Privilege Escalation Vulnerability
ZDI-25-321
ZDI-CAN-26752
CVE-2025-5473
GIMP ICO File Parsing Integer Overflow Remote Code Execution Vulnerability
ZDI-25-320
ZDI-CAN-26279
CVE-2025-26396
SolarWinds DameWare Mini Remote Control Service Incorrect Permissions Local Privilege Escalation Vulnerability
ZDI-25-319
ZDI-CAN-25316
CVE-2025-37096
Hewlett Packard Enterprise StoreOnce VSA getServerCertificate Command Injection Remote Code Execution Vulnerability
ZDI-25-318
ZDI-CAN-25315
CVE-2025-37095
Hewlett Packard Enterprise StoreOnce VSA getServerPayload Directory Traversal Information Disclosure Vulnerability
ZDI-25-317
ZDI-CAN-25314
CVE-2025-37094
Hewlett Packard Enterprise StoreOnce VSA deletePackages Directory Traversal Arbitrary File Deletion Vulnerability
ZDI-25-316
ZDI-CAN-24985
CVE-2025-37093
Hewlett Packard Enterprise StoreOnce VSA Authentication Bypass Vulnerability
ZDI-25-315
ZDI-CAN-24984
CVE-2025-37092
Hewlett Packard Enterprise StoreOnce VSA queryHardwareReportLocally Command Injection Remote Code Execution Vulnerability
ZDI-25-314
ZDI-CAN-24983
CVE-2025-37091
Hewlett Packard Enterprise StoreOnce VSA doExecute Command Injection Remote Code Execution Vulnerability
ZDI-25-313
ZDI-CAN-24982
CVE-2025-37090
Hewlett Packard Enterprise StoreOnce VSA determineInclusionAndExtract Server-Side Request Forgery Vulnerability
ZDI-25-312
ZDI-CAN-24981
CVE-2025-37089
Hewlett Packard Enterprise StoreOnce VSA setLocateBeaconOnHardware Command Injection Remote Code Execution Vulnerability
ZDI-25-311
ZDI-CAN-25865
Sonos
CVE-2025-1051
(Pwn2Own) Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-310
ZDI-CAN-26505
CVE-2025-22037
Linux Kernel ksmbd Session Setup Null Pointer Dereference Denial-of-Service Vulnerability
ZDI-25-309
ZDI-CAN-25779
Canon
CVE-2025-2146
(Pwn2Own) Canon imageCLASS MF656Cdw sfpcmAuthenticateSecAdmin Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-308
ZDI-CAN-25684
CVE-2025-30310
Adobe Dreamweaver V8 Remote Code Execution Vulnerability
ZDI-25-307
ZDI-CAN-26711
Linux Kernel OpenvSwitch Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-306
ZDI-CAN-23513
Docker
CVE-2024-5652
Docker Desktop Helper Service Link Following Local Privilege Escalation Vulnerability
ZDI-25-305
ZDI-CAN-24156
CVE-2025-31219
Apple XNU kernel vm_map Race Condition Local Privilege Escalation Vulnerability
ZDI-25-304
ZDI-CAN-26603
CVE-2025-31251
Apple macOS JPEG Image Decoding Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-303
ZDI-CAN-26148
CVE-2025-24222
Apple Safari SandboxBroker ZIP File Processing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-302
ZDI-CAN-26650
Apple macOS CoreMedia Framework Memory Corruption Remote Code Execution Vulnerability
ZDI-25-301
ZDI-CAN-26150
CVE-2025-31238
Apple Safari Scrollbar Animation Use-After-Free Remote Code Execution Vulnerability
ZDI-25-300
ZDI-CAN-26714
CVE-2025-31209
Apple macOS PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-299
ZDI-CAN-26783
CVE-2025-31208
Apple macOS acv2 Codec Converter Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-298
ZDI-CAN-26826
CVE-2025-31233
Apple macOS MP4 File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-297
ZDI-CAN-24936
CVE-2025-47867
Trend Micro Apex Central widget getBlock Local File Inclusion Remote Code Execution Vulnerability
ZDI-25-296
ZDI-CAN-25331
CVE-2025-47866
Trend Micro Apex Central modTMCM Unrestricted File Upload Vulnerability
ZDI-25-295
ZDI-CAN-24938
CVE-2025-47865
Trend Micro Apex Central widget getObjWGFServiceApiByApiName Local File Inclusion Remote Code Execution Vulnerability
ZDI-25-294
ZDI-CAN-26137
CVE-2025-29975
Microsoft PC Manager MSPCManagerService Link Following Local Privilege Escalation Vulnerability
ZDI-25-293
ZDI-CAN-26153
CVE-2025-29837
Microsoft Windows Installer Service Link Following Information Disclosure Vulnerability
ZDI-25-292
ZDI-CAN-27202
CVE-2025-4918
(Pwn2Own) Mozilla Firefox SpiderMonkey Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-291
ZDI-CAN-27172
CVE-2025-4919
(Pwn2Own) Mozilla Firefox IonMonkey JIT Compiler Integer Overflow Remote Code Execution Vulnerability
ZDI-25-290
ZDI-CAN-25727
CVE-2025-3617
Rockwell Automation ThinManager ThinServer Link Following Local Privilege Escalation Vulnerability
ZDI-25-289
ZDI-CAN-25872
CVE-2025-3618
Rockwell Automation ThinManager ThinServer Null Pointer Dereference Denial-of-Service Vulnerability
ZDI-25-288
ZDI-CAN-25181
CVE-2025-25254
Fortinet FortiWeb cgi_httpcontentrouting_post Directory Traversal Remote Code Execution Vulnerability
ZDI-25-287
ZDI-CAN-25977
JetBrains
CVE-2025-46618
JetBrains TeamCity Diagnostics Data Directory Cross-Site Scripting Vulnerability
ZDI-25-286
ZDI-CAN-26017
CVE-2025-1883
Dassault Systèmes eDrawings Viewer OBJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-285
ZDI-CAN-26029
CVE-2025-1884
Dassault Systèmes eDrawings Viewer SLDPRT File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-284
ZDI-CAN-22063
MATE Desktop
MATE Desktop Atril Document Viewer EPUB File Parsing Directory Traversal Remote Code Execution Vulnerability
ZDI-25-283
ZDI-CAN-22225
MATE Desktop Atril Document Viewer CBT File Parsing Argument Injection Remote Code Execution Vulnerability
ZDI-25-282
ZDI-CAN-26502
Webmin
CVE-2025-2774
Webmin CRLF Injection Privilege Escalation Vulnerability
ZDI-25-281
ZDI-CAN-25017
CVE-2025-20175
Cisco IOS XE SNMP SET cewProxyClass Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-280
ZDI-CAN-25024
CVE-2025-20170
Cisco IOS XE SNMP GET-NEXT ciscoFlashChipCode Unexpected Sign Extension Denial-of-Service Vulnerability
ZDI-25-279
ZDI-CAN-25022
CVE-2025-20173
Cisco IOS XE SNMP GET-NEXT cContextMappingBridgeDomainIdentifier Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-278
ZDI-CAN-25021
CVE-2025-20176
Cisco IOS XE SNMP GET-NEXT ctspIpSgtValue Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-277
ZDI-CAN-25020
Cisco IOS XE SNMP SET cewEventTime Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-276
ZDI-CAN-25019
CVE-2025-20174
Cisco IOS XE SNMP GET-NEXT cilmCurrentImageLevel Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-275
ZDI-CAN-25018
CVE-2025-20171
Cisco IOS XE SNMP GET-NEXT callHomeUserDefCmdName Unexpected Sign Extension Denial-of-Service Vulnerability
ZDI-25-274
ZDI-CAN-25575
CVE-2025-20172
Cisco IOS XE SNMP OID Handling Out-Of-Bounds Read Denial-of-Service Vulnerability
ZDI-25-273
ZDI-CAN-25023
ZDI-25-272
ZDI-CAN-25576
ZDI-25-271
ZDI-CAN-25577
ZDI-25-270
ZDI-CAN-25030
CVE-2025-20169
Cisco IOS XE SNMP GET-NEXT ciscoFlashFileSize Unexpected Sign Extension Denial-of-Service Vulnerability
ZDI-25-269
ZDI-CAN-25663
CVE-2024-10445
(Pwn2Own) Synology BeeStation BST150-4T Unnecessary Privileges Remote Code Execution Vulnerability
ZDI-25-268
ZDI-CAN-25448
CVE-2025-2759
GStreamer Incorrect Permission Assignment Local Privilege Escalation Vulnerability
ZDI-25-267
ZDI-CAN-26596
CVE-2025-3887
GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-266
ZDI-CAN-22235
Apache
CVE-2025-29953
Apache ActiveMQ NMS Body Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-265
ZDI-CAN-23800
CVE-2025-2082
(Pwn2Own) Tesla Model 3 VCSEC Integer Overflow Remote Code Execution Vulnerability
ZDI-25-264
ZDI-CAN-23201
CVE-2024-6032
(Pwn2Own) Tesla Model S Iris Modem ql_atfwd Command Injection Code Execution Vulnerability
ZDI-25-263
ZDI-CAN-23200
CVE-2024-6030
(Pwn2Own) Tesla Model S oFono Unnecessary Privileges Sandbox Escape Vulnerability
ZDI-25-262
ZDI-CAN-23199
CVE-2024-13943
(Pwn2Own) Tesla Model S Iris Modem QCMAP_ConnectionManager Improper Input Validation Sandbox Escape Vulnerability
ZDI-25-261
ZDI-CAN-23198
CVE-2024-6031
(Pwn2Own) Tesla Model S oFono AT Command Heap-based Buffer Overflow Code Execution Vulnerability
ZDI-25-260
ZDI-CAN-23197
CVE-2024-6029
(Pwn2Own) Tesla Model S Iris Modem Race Condition Firewall Bypass Vulnerability
ZDI-25-259
ZDI-CAN-23843
CVE-2024-34098
(Pwn2Own) Adobe Acrobat Reader DC Collab Command Injection Remote Code Execution Vulnerability
ZDI-25-258
ZDI-CAN-23553
CVE-2024-34099
(Pwn2Own) Adobe Acrobat Reader DC distributionURL JavaScript API Restrictions Bypass Vulnerability
ZDI-25-257
ZDI-CAN-23786
CVE-2024-21113
(Pwn2Own) Oracle VirtualBox OHCI USB Controller Race Condition Local Privilege Escalation Vulnerability
ZDI-25-256
ZDI-CAN-26610
CVE-2025-3500
Avast Free Antivirus Integer Overflow Local Privilege Escalation Vulnerability
ZDI-25-255
ZDI-CAN-25730
CVE-2025-3486
Allegra isZipEntryValide Directory Traversal Remote Code Execution Vulnerability
ZDI-25-254
ZDI-CAN-26524
CVE-2025-3485
Allegra extractFileFromZip Directory Traversal Remote Code Execution Vulnerability
ZDI-25-253
ZDI-CAN-25726
SonicWALL
CVE-2025-32817
SonicWALL Connect Tunnel Link Following Denial-of-Service Vulnerability
ZDI-25-252
ZDI-CAN-23275
Cato Networks
(0Day) Cato Networks Cato Client for macOS Helper Service Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
ZDI-25-251
ZDI-CAN-23942
Harman Becker
CVE-2025-3885
(0Day) Harman Becker MGU21 Bluetooth Improper Input Validation Denial-of-Service Vulnerability
ZDI-25-250
ZDI-CAN-24332
Cloudera
CVE-2025-3884
(0Day) Cloudera Hue Ace Editor Directory Traversal Information Disclosure Vulnerability
ZDI-25-249
ZDI-CAN-23115
eCharge Hardy Barth
CVE-2025-3883
(0Day) eCharge Hardy Barth cPH2 index.php Command Injection Remote Code Execution Vulnerability
ZDI-25-248
ZDI-CAN-23114
CVE-2025-3882
(0Day) eCharge Hardy Barth cPH2 nwcheckexec.php dest Command Injection Remote Code Execution Vulnerability
ZDI-25-247
ZDI-CAN-23113
CVE-2025-3881
(0Day) eCharge Hardy Barth cPH2 check_req.php ntp Command Injection Remote Code Execution Vulnerability
ZDI-25-246
ZDI-CAN-25842
MedDream
CVE-2025-3480
MedDream WEB DICOM Viewer Cleartext Transmission of Credentials Information Disclosure Vulnerability
ZDI-25-245
ZDI-CAN-25827
CVE-2025-3481
MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-244
ZDI-CAN-25826
CVE-2025-3482
ZDI-25-243
ZDI-CAN-25825
CVE-2025-3483
ZDI-25-242
ZDI-CAN-25853
CVE-2025-3484
ZDI-25-241
ZDI-CAN-25681
CVE-2025-30642
Trend Micro Deep Security Agent Link Following Denial-of-Service Vulnerability
ZDI-25-240
ZDI-CAN-24931
CVE-2025-30641
Trend Micro Deep Security Anti-Malware Solution Platform Link Following Local Privilege Escalation Vulnerability
ZDI-25-239
ZDI-CAN-24930
CVE-2025-30640
Trend Micro Deep Security Link Following Local Privilege Escalation Vulnerability
ZDI-25-238
ZDI-CAN-25524
CVE-2025-30680
Trend Micro Apex Central Query Server-Side Request Forgery Information Disclosure Vulnerability
ZDI-25-237
ZDI-CAN-24934
CVE-2025-30679
Trend Micro Apex Central modOSCE Server-Side Request Forgery Information Disclosure Vulnerability
ZDI-25-236
ZDI-CAN-24939
CVE-2025-30678
Trend Micro Apex Central modTMSM Server-Side Request Forgery Information Disclosure Vulnerability
ZDI-25-235
ZDI-CAN-25953
CVE-2025-22461
Ivanti Endpoint Manager OpenRecordSet SQL Injection Remote Code Execution Vulnerability
ZDI-25-234
ZDI-CAN-25985
CVE-2025-29812
Microsoft Windows dxkrnl Untrusted Pointer Dereference Local Privilege Escalation Vulnerability
ZDI-25-233
ZDI-CAN-24586
CVE-2025-1045
Luxion KeyShot Viewer KSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-232
ZDI-CAN-23694
CVE-2025-1047
Luxion KeyShot PVS File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability
ZDI-25-231
ZDI-CAN-23646
CVE-2025-1046
Luxion KeyShot SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-230
ZDI-CAN-25651
CVE-2024-49413
(Pwn2Own) Samsung Galaxy S24 Smart Switch Agent Improper Verification of Cryptographic Signature Remote Code Execution Vulnerability
ZDI-25-229
ZDI-CAN-25650
CVE-2024-49421
(Pwn2Own) Samsung Galaxy S24 Quick Share Directory Traversal Arbitrary File Write Vulnerability
ZDI-25-228
ZDI-CAN-25649
(Pwn2Own) Samsung Galaxy S24 Quick Share Insufficient UI Warning Arbitrary File Write Vulnerability
ZDI-25-227
ZDI-CAN-25648
CVE-2024-49420
(Pwn2Own) Samsung Galaxy S24 Gaming Hub Exposed Dangerous Method Local Privilege Escalation Vulnerability
ZDI-25-226
ZDI-CAN-25581
CVE-2024-49419, CVE-2024-49418
(Pwn2Own) Samsung Galaxy S24 Gaming Hub Improper Input Validation Privilege Escalation Vulnerability
ZDI-25-225
ZDI-CAN-25606
CVE-2025-1050
(Pwn2Own) Sonos Era 300 Out-of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-224
ZDI-CAN-25601
CVE-2025-1049
ZDI-25-223
ZDI-CAN-25535
CVE-2025-1048
(Pwn2Own) Sonos Era 300 Speaker libsmb2 Use-After-Free Remote Code Execution Vulnerability
ZDI-25-222
ZDI-CAN-25674
Lexmark
CVE-2024-11346
(Pwn2Own) Lexmark CX331adwe concatstrings Type Confusion Information Disclosure Vulnerability
ZDI-25-221
ZDI-CAN-25849
(Pwn2Own) Lexmark CX331adwe httpd extract-trace Link Following Local Privilege Escalation Vulnerability
ZDI-25-220
ZDI-CAN-25848
(Pwn2Own) Lexmark CX331adwe basic_auth.cgi PATH_TRANSLATED Directory Traversal Remote Code Execution Vulnerability
ZDI-25-219
ZDI-CAN-25676
CVE-2024-11347
(Pwn2Own) Lexmark CX331adwe JBIG2 File Parsing new_image Integer Overflow Remote Code Execution Vulnerability
ZDI-25-218
ZDI-CAN-25621
CVE-2024-11345
(Pwn2Own) Lexmark CX331adwe JPEG2000 Memory Corruption Remote Code Execution Vulnerability
ZDI-25-217
ZDI-CAN-25539
CVE-2024-11344
(Pwn2Own) Lexmark CX331adwe loadCFFdata Type Confusion Remote Code Execution Vulnerability
ZDI-25-216
ZDI-CAN-25538
CVE-2024-11131
(Pwn2Own) Synology TC500 ONVIF Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-215
ZDI-CAN-25487
CVE-2024-10444
(Pwn2Own) Synology DiskStation DS1823xs+ LDAP Client Improper Certificate Validation Authentication Bypass Vulnerability
ZDI-25-214
ZDI-CAN-25403
CVE-2024-10441
(Pwn2Own) Synology DiskStation DS1823xs+ Vue.JS Improper Neutralization of Argument Delimiters Remote Code Execution Vulnerability
ZDI-25-213
ZDI-CAN-25659
CVE-2024-50631
(Pwn2Own) Synology BeeStation BST150-4T SQL Injection Remote Code Execution Vulnerability
ZDI-25-212
ZDI-CAN-25658
CVE-2024-50630
(Pwn2Own) Synology BeeStation BST150-4T Improper Authentication Vulnerability
ZDI-25-211
ZDI-CAN-25613
CVE-2024-50629
(Pwn2Own) Synology BeeStation BST150-4T CRLF Injection Information Disclosure Vulnerability
ZDI-25-210
ZDI-CAN-25662
(Pwn2Own) Synology BeeStation BST150-4T Improper Input Validation Remote Code Execution Vulnerability
ZDI-25-209
ZDI-CAN-25617
(Pwn2Own) Synology BeeStation BST150-4T Cleartext Transmission of Sensitive Information Vulnerability
ZDI-25-208
ZDI-CAN-25607
CVE-2024-10442
(Pwn2Own) Synology DiskStation DS1823xs+ Replication Service Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-207
ZDI-CAN-25623
CVE-2024-10443
(Pwn2Own) Synology BeeStation BST150-4T Command Injection Remote Code Execution Vulnerability
ZDI-25-206
ZDI-CAN-25427
Amazon AWS CloudFormation Templates Uncontrolled Search Path Element Remote Code Execution Vulnerability
ZDI-25-205
ZDI-CAN-25426
ZDI-25-204
ZDI-CAN-25100
CVE-2025-2761
GIMP FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-203
ZDI-CAN-25082
CVE-2025-2760
GIMP XWD File Parsing Integer Overflow Remote Code Execution Vulnerability
ZDI-25-202
ZDI-CAN-25559
CVE-2024-55597
Fortinet FortiWeb cgi_xmlprotection_xmlschemafile_post Directory Traversal Arbitrary File Write Vulnerability
ZDI-25-201
ZDI-CAN-25572
CVE-2025-27529
Trend Micro Cleaner One Pro Link Following Denial-of-Service Vulnerability
ZDI-25-200
ZDI-CAN-26250
Exim
CVE-2025-30232
Exim Use-After-Free Local Privilege Escalation Vulnerability
ZDI-25-199
ZDI-CAN-25970
CVE-2025-1660
Autodesk Navisworks Freedom DWFX File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-198
ZDI-CAN-25968
CVE-2025-1659
Autodesk Navisworks Freedom DWFX File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-197
ZDI-CAN-25971
CVE-2025-1658
ZDI-25-196
ZDI-CAN-25736
CVE-2025-24185
ZDI-25-195
ZDI-CAN-25812
CVE-2025-24210
Apple macOS CoreGraphics Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-194
ZDI-CAN-26063
CVE-2025-24256
Apple macOS AppleIntelKBLGraphics Time-Of-Check Time-Of-Use Information Disclosure Vulnerability
ZDI-25-193
ZDI-CAN-26154
CVE-2025-24182
Apple macOS CoreText Font Glyphs Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-192
ZDI-CAN-26494
CVE-2025-24190
ZDI-25-191
ZDI-CAN-26497
CVE-2025-24211
Apple macOS MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-190
ZDI-CAN-26495
CVE-2025-24230
Apple macOS MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-189
ZDI-CAN-26248
CVE-2025-24243
Apple macOS AudioToolbox AMR File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-188
ZDI-CAN-26247
CVE-2025-24244
Apple macOS AudioToolboxCore WAV File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-187
ZDI-CAN-25903
BEC Technologies
CVE-2025-2773
(0Day) BEC Technologies Multiple Routers sys ping Command Injection Remote Code Execution Vulnerability
ZDI-25-186
ZDI-CAN-25986
CVE-2025-2770
(0Day) BEC Technologies Multiple Routers Cleartext Password Storage Information Disclosure Vulnerability
ZDI-25-185
ZDI-CAN-25895
CVE-2025-2772
(0Day) BEC Technologies Multiple Routers Insufficiently Protected Credentials Information Disclosure Vulnerability
ZDI-25-184
ZDI-CAN-25894
CVE-2025-2771
(0Day) BEC Technologies Multiple Routers Authentication Bypass Vulnerability
ZDI-25-183
ZDI-CAN-25295
Bdrive
CVE-2025-2769
(0Day) Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-25-182
ZDI-CAN-25041
CVE-2025-2768
ZDI-25-181
ZDI-CAN-24407
CVE-2025-2767
(0Day) Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability
ZDI-25-180
ZDI-CAN-24996
70mai
CVE-2025-2766
(0Day) 70mai A510 Use of Default Password Authentication Bypass Vulnerability
ZDI-25-179
ZDI-CAN-24356
CarlinKit
CVE-2025-2763
(0Day) CarlinKit CPC200-CCPA Improper Verification of Cryptographic Signature Code Execution Vulnerability
ZDI-25-178
ZDI-CAN-24355
CVE-2025-2764
(0Day) CarlinKit CPC200-CCPA update.cgi Improper Verification of Cryptographic Signature Code Execution Vulnerability
ZDI-25-177
ZDI-CAN-24349
CVE-2025-2765
(0Day) CarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass Vulnerability
ZDI-25-176
ZDI-CAN-25948
CVE-2025-2762
(0Day) CarlinKit CPC200-CCPA Missing Root of Trust Local Privilege Escalation Vulnerability
ZDI-25-175
ZDI-CAN-23709
CVE-2025-2532
(0Day) Luxion KeyShot USDC File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-174
ZDI-CAN-23704
CVE-2025-2531
(0Day) Luxion KeyShot DAE File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-173
ZDI-CAN-23698
CVE-2025-2530
(0Day) Luxion KeyShot DAE File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability
ZDI-25-172
ZDI-CAN-25319
CVE-2025-24124
Apple macOS MOV File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-171
ZDI-CAN-25242
CVE-2024-54500
Apple macOS ImageIO Pixel Conversion Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-170
ZDI-CAN-25546
CVE-2024-54501
Apple macOS WindowServer Denial-of-Service Vulnerability
ZDI-25-169
ZDI-CAN-25201
CVE-2024-54497
Apple macOS WindowServer Unchecked Input for Loop Condition Denial-of-Service Vulnerability
ZDI-25-168
ZDI-CAN-25370
CVE-2025-24123
ZDI-25-167
ZDI-CAN-25735
CVE-2025-24139
Apple macOS ICC Profile Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-166
ZDI-CAN-25338
CVE-2024-54486
Apple macOS libFontParser Glyph Mapping Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-165
ZDI-CAN-25661
CVE-2024-54499
Apple macOS ImageIO JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-164
ZDI-CAN-25808
CVE-2025-24149
Apple SceneKit Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-163
ZDI-CAN-26554
CVE-2025-1652
Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-162
ZDI-CAN-25695
CVE-2025-1427
Autodesk AutoCAD CATProduct File Parsing Uninitialized Variable Remote Code Execution Vulnerability
ZDI-25-161
ZDI-CAN-25767
CVE-2025-1428
ZDI-25-160
ZDI-CAN-25784
CVE-2025-1429
Autodesk AutoCAD MODEL File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-159
ZDI-CAN-25811
CVE-2025-1649
Autodesk AutoCAD CATPRODUCT File Parsing Uninitialized Variable Remote Code Execution Vulnerability
ZDI-25-158
ZDI-CAN-25951
CVE-2025-1650
ZDI-25-157
ZDI-CAN-25952
CVE-2025-1651
ZDI-25-156
ZDI-CAN-25989
CVE-2025-1430
ZDI-25-155
ZDI-CAN-26521
CVE-2025-1433
ZDI-25-154
ZDI-CAN-26135
CVE-2025-1432
Autodesk AutoCAD 3DM File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-153
ZDI-CAN-25997
CVE-2025-1431
ZDI-25-152
ZDI-CAN-25481
CVE-2024-12130
Rockwell Automation Arena Simulation DOE File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-151
ZDI-CAN-25708
Progress Software
CVE-2025-1758
Progress Software Kemp LoadMaster mangle Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-150
ZDI-CAN-26371
CVE-2025-26633
Microsoft Windows MSC File Insufficient UI Warning Remote Code Execution Vulnerability
ZDI-25-149
ZDI-CAN-26251
CVE-2025-271561
Adobe Acrobat Reader DC AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-148
ZDI-CAN-25373
CVE-2025-9491
(0Day) Microsoft Windows LNK File UI Misrepresentation Remote Code Execution Vulnerability
ZDI-25-147
ZDI-CAN-22833
CVE-2025-2450
(0Day) NI Vision Builder AI VBAI File Processing Missing Warning Remote Code Execution Vulnerability
ZDI-25-146
ZDI-CAN-21805
CVE-2025-2449
(0Day) NI FlexLogger usiReg URI File Parsing Directory Traversal Remote Code Execution Vulnerability
ZDI-25-145
ZDI-CAN-25794
CVE-2025-23242
NVIDIA Riva Triton Inference Server Missing Authentication Vulnerability
ZDI-25-144
ZDI-CAN-25682
CVE-2025-23243
NVIDIA Riva gRPC API Missing Authentication for Critical Function Authentication Bypass Vulnerability
ZDI-25-143
ZDI-CAN-25544
CVE-2025-26594
X.Org Server ChangeWindowAttributes Use-After-Free Privilege Escalation Vulnerability
ZDI-25-142
ZDI-CAN-25545
CVE-2025-26595
X.Org Server XkbVModMaskText Stack-based Buffer Overflow Privilege Escalation Vulnerability
ZDI-25-141
ZDI-CAN-25543
CVE-2025-26596
X.Org Server XkbSizeKeySyms Heap-based Buffer Overflow Privilege Escalation Vulnerability
ZDI-25-140
ZDI-CAN-25683
CVE-2025-26597
X.Org Server XkbChangeTypesOfKey Heap-based Buffer Overflow Privilege Escalation Vulnerability
ZDI-25-139
ZDI-CAN-25740
CVE-2025-26598
X.Org Server CreatePointerBarrierClient Out-Of-Bounds Write Local Privilege Escalation Vulnerability
ZDI-25-138
ZDI-CAN-25851
CVE-2025-26599
X.Org Server compRedirectWindow Type Confusion Local Privilege Escalation Vulnerability
ZDI-25-137
ZDI-CAN-25871
CVE-2025-26600
X.Org Server PlayReleasedEvents Use-After-Free Local Privilege Escalation Vulnerability
ZDI-25-136
ZDI-CAN-25870
CVE-2025-26601
X.Org Server SyncInitTrigger Use-After-Free Local Privilege Escalation Vulnerability
ZDI-25-135
ZDI-CAN-26232
CVE-2025-27162
Adobe Acrobat Reader DC AcroForm Use of Uninitialized Variable Remote Code Execution Vulnerability
ZDI-25-134
ZDI-CAN-25734
CVE-2025-24431
Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-133
ZDI-CAN-26231
CVE-2025-27174
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
ZDI-25-132
ZDI-CAN-26147
CVE-2025-27159
ZDI-25-131
ZDI-CAN-26169
CVE-2025-27160
ZDI-25-130
ZDI-CAN-25443
Siemens Simcenter Femap NEU File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-129
ZDI-CAN-25473
CVE-2025-2231
PDF-XChange Editor RTF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-128
ZDI-CAN-21907
CVE-2024-12742
NI G Web Development GWEBPROJECT File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-127
ZDI-CAN-25615
CVE-2025-2233
(0Day) (Pwn2Own) Samsung SmartThings Improper Verification of Cryptographic Signature Authentication Bypass Vulnerability
ZDI-25-126
ZDI-CAN-25276
CVE-2025-2022
(0Day) Ashlar-Vellum Cobalt VS File Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-25-125
ZDI-CAN-25264
CVE-2025-2021
ZDI-25-124
ZDI-CAN-25254
CVE-2025-2020
ZDI-25-123
ZDI-CAN-25252
CVE-2025-2019
(0Day) Ashlar-Vellum Cobalt VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-122
ZDI-CAN-25348
CVE-2025-2023
ZDI-25-121
ZDI-CAN-25240
CVE-2025-2017
(0Day) Ashlar-Vellum Cobalt CO File Parsing Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-120
ZDI-CAN-25186
CVE-2025-2013
ZDI-25-119
ZDI-CAN-25185
CVE-2025-2012
(0Day) Ashlar-Vellum Cobalt VS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-118
ZDI-CAN-25245
CVE-2025-2018
ZDI-25-117
ZDI-CAN-25238
CVE-2025-2016
(0Day) Ashlar-Vellum Cobalt VC6 File Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-25-116
ZDI-CAN-25236
CVE-2025-2015
ZDI-25-115
ZDI-CAN-25235
CVE-2025-2014
(0Day) Ashlar-Vellum Cobalt VS File Parsing Use of Uninitialized Variable Remote Code Execution Vulnerability
ZDI-25-114
ZDI-CAN-25312
CVE-2024-13171
Ivanti Endpoint Manager Patch Unrestricted File Upload Remote Code Execution Vulnerability
ZDI-25-113
ZDI-CAN-25882
CVE-2024-12198
Autodesk Navisworks Freedom DWFX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-112
ZDI-CAN-25869
CVE-2024-12193
ZDI-25-111
ZDI-CAN-25210
CVE-2025-2024
Trimble SketchUp SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability
ZDI-25-110
ZDI-CAN-25013
SEW-EURODRIVE
SEW-EURODRIVE MOVITOOLS MotionStudio mticomp0 ICP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-109
ZDI-CAN-24001
CVE-2024-56325
Apache Pinot Improper Neutralization of Special Elements Authentication Bypass Vulnerability
ZDI-25-108
ZDI-CAN-26611
HP
CVE-2025-26507
(Pwn2Own) HP LaserJet Pro MFP 3301fdw suidexec Command Injection Local Privilege Escalation Vulnerability
ZDI-25-107
ZDI-CAN-25594
CVE-2025-26506
(Pwn2Own) HP LaserJet Pro MFP 3301fdw PostScript File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-106
ZDI-CAN-25533
CVE-2025-26508
(Pwn2Own) HP LaserJet Pro MFP 3301fdw PostScript File Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-25-105
ZDI-CAN-21908
CVE-2024-12741
NI DAQExpress LVPROJECT File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-104
ZDI-CAN-25334
CVE-2024-52606
SolarWinds Platform TestWebsiteUrl Server-Side Request Forgery Information Disclosure Vulnerability
ZDI-25-103
ZDI-CAN-25031
(0Day) Delta Electronics ISPSoft CBDGL File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-102
ZDI-CAN-25225
(0Day) Delta Electronics ISPSoft DVP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-101
ZDI-CAN-25284
(0Day) Delta Electronics ISPSoft DVP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-100
ZDI-CAN-25737
Linux Kernel ksmbd Session Setup Race Condition Remote Code Execution Vulnerability
ZDI-25-099
ZDI-CAN-25350
PostHog
CVE-2025-1520
PostHog ClickHouse Table Functions SQL Injection Remote Code Execution Vulnerability
ZDI-25-098
ZDI-CAN-25300
CVE-2025-22880
Delta Electronics CNCSoft-G2 DPAX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-097
ZDI-CAN-25358
CVE-2025-1522
PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability
ZDI-25-096
ZDI-CAN-25352
CVE-2025-1521
PostHog slack_incoming_webhook Server-Side Request Forgery Information Disclosure Vulnerability
ZDI-25-095
ZDI-CAN-25180
CVE-2024-50569
Fortinet FortiWeb gui_upload_compress_act Command Injection Remote Code Execution Vulnerability
ZDI-25-094
ZDI-CAN-25182
CVE-2024-50567
Fortinet FortiWeb cgi_grpc_idl_file_post Command Injection Remote Code Execution Vulnerability
ZDI-25-093
ZDI-CAN-26551
CVE-2024-27834
(Pwn2Own) Apple Safari Pointer Authentication Code Bypass Vulnerability
ZDI-25-092
ZDI-CAN-23795
CVE-2024-27833
(Pwn2Own) Apple Safari B3 JIT Compiler Integer Underflow Remote Code Execution Vulnerability
ZDI-25-091
ZDI-CAN-25761
CVE-2025-21373
ZDI-25-090
ZDI-CAN-25393
CVE-2025-21404
Microsoft Edge UI Misrepresentation Remote Code Execution Vulnerability
ZDI-25-089
ZDI-CAN-24785
mySCADA
CVE-2025-20014
mySCADA myPRO Command Injection Remote Code Execution Vulnerability
ZDI-25-088
ZDI-CAN-24784
CVE-2025-20061
ZDI-25-087
ZDI-CAN-26525
CVE-2025-23359
NVIDIA Container Toolkit mount_files Time-Of-Check Time-Of-Use Race Condition Privilege Escalation Vulnerability
ZDI-25-086
ZDI-CAN-25368
CVE-2025-0900
PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-085
ZDI-CAN-25336
Logsign
CVE-2025-1044
Logsign Unified SecOps Platform Authentication Bypass Vulnerability
ZDI-25-084
ZDI-CAN-23382
Mintty
CVE-2025-1052
Mintty Sixel Image Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-083
ZDI-CAN-24690
Microsoft Edge ms-its: Scheme Remote Code Execution Vulnerability
ZDI-25-082
ZDI-CAN-25014
CVE-2025-0413
Parallels Desktop Technical Data Reporter Link Following Local Privilege Escalation Vulnerability
ZDI-25-081
ZDI-CAN-25816
CVE-2025-0065
TeamViewer Improper Neutralization of Argument Delimiters Local Privilege Escalation Vulnerability
ZDI-25-080
ZDI-CAN-22834
CVE-2024-12740
NI Vision Builder AI JPG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-079
ZDI-CAN-22611
NI Vision Development Module Vision Assistant JPG File Parsing Out-of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-078
ZDI-CAN-22884
NI Vision Builder AI JPG File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-077
ZDI-CAN-22663
ZDI-25-076
ZDI-CAN-25094
CVE-2024-9632
NoMachine Incorrect Permission Assignment Local Privilege Escalation Vulnerability
ZDI-25-075
ZDI-CAN-25622
CVE-2024-12649
(Pwn2Own) Canon imageCLASS MF656Cdw TTF Parsing Write-What-Where Condition Remote Code Execution Vulnerability
ZDI-25-074
ZDI-CAN-25592
CVE-2024-12648
(Pwn2Own) Canon imageCLASS MF656Cdw TIF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-073
ZDI-CAN-25490
CVE-2024-12647
(Pwn2Own) Canon imageCLASS MF656Cdw listObjects2 Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-072
ZDI-CAN-25405
CVE-2025-0902
PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-071
ZDI-CAN-25422
CVE-2025-0904
ZDI-25-070
ZDI-CAN-25421
CVE-2025-0903
PDF-XChange Editor RTF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-069
ZDI-CAN-25435
CVE-2025-0907
PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-068
ZDI-CAN-25434
CVE-2025-0906
ZDI-25-067
ZDI-CAN-25433
CVE-2025-0905
ZDI-25-066
ZDI-CAN-25957
CVE-2025-0911
ZDI-25-065
ZDI-CAN-25748
CVE-2025-0910
ZDI-25-064
ZDI-CAN-25678
CVE-2025-0909
ZDI-25-063
ZDI-CAN-25557
CVE-2025-0908
ZDI-25-062
ZDI-CAN-25372
CVE-2025-0901
PDF-XChange Editor Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-061
ZDI-CAN-25349
CVE-2025-0899
PDF-XChange Editor AcroForm Use-After-Free Remote Code Execution Vulnerability
ZDI-25-060
ZDI-CAN-25396
CVE-2024-9954
Google Chrome AI Manager Use-After-Free Remote Code Execution Vulnerability
ZDI-25-059
ZDI-CAN-25000
CVE-2024-53041
Siemens Tecnomatix Plant Simulation WRL File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-058
ZDI-CAN-25206
CVE-2024-53242
Siemens Tecnomatix Plant Simulation WRL File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-057
ZDI-CAN-25205
CVE-2024-45471
Siemens Tecnomatix Plant Simulation WRL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-056
ZDI-CAN-25202
CVE-2024-45469
ZDI-25-055
ZDI-CAN-25318
CVE-2025-0574
Sante PACS Server URL path Memory Corruption Denial-of-Service Vulnerability
ZDI-25-054
ZDI-CAN-25308
CVE-2025-0572
Sante PACS Server Web Portal DCM File Parsing Directory Traversal Arbitrary File Write Vulnerability
ZDI-25-053
ZDI-CAN-25309
CVE-2025-0573
Sante PACS Server DCM File Parsing Directory Traversal Arbitrary File Write Vulnerability
ZDI-25-052
ZDI-CAN-25303
CVE-2025-0569
Sante PACS Server DCM File Parsing Memory Corruption Denial-of-Service Vulnerability
ZDI-25-051
ZDI-CAN-25305
CVE-2025-0571
Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability
ZDI-25-050
ZDI-CAN-25304
CVE-2025-0570
ZDI-25-049
ZDI-CAN-25302
CVE-2025-0568
ZDI-25-048
ZDI-CAN-24012
CVE-2024-27856
Apple WebKit WebCore ContainerNode Use-After-Free Remote Code Execution Vulnerability
ZDI-25-047
ZDI-CAN-24986
WinZip Computing
CVE-2025-1240
WinZip 7Z File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-046
ZDI-CAN-25333
CVE-2025-21127
Adobe Photoshop node_modules Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-25-045
ZDI-CAN-25456
CVE-2025-0411
7-Zip Mark-of-the-Web Bypass Vulnerability
ZDI-25-044
ZDI-CAN-25713
CVE-2024-13179
Ivanti Avalanche SecureFilter Authentication Bypass Vulnerability
ZDI-25-043
ZDI-CAN-25712
CVE-2024-13180
Ivanti Avalanche Faces ResourceManager Information Disclosure Vulnerability
ZDI-25-042
ZDI-CAN-25711
CVE-2024-13181
Ivanti Avalanche SecureFilter allowPassThrough Authentication Bypass Vulnerability
ZDI-25-041
ZDI-CAN-25929
CVE-2024-13162
Ivanti Endpoint Manager updateAssetInfo SQL Injection Remote Code Execution Vulnerability
ZDI-25-040
ZDI-CAN-25432
CVE-2024-13163
Ivanti Endpoint Manager DecodeBase64Object Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-039
ZDI-CAN-25431
CVE-2024-13164
Ivanti Endpoint Manager AlertService Uninitialized Memory Information Disclosure Vulnerability
ZDI-25-038
ZDI-CAN-25420
CVE-2024-13165
Ivanti Endpoint Manager Improper Input Validation AlertService Denial-of-Service Vulnerability
ZDI-25-037
ZDI-CAN-25419
CVE-2024-13166
Ivanti Endpoint Manager AlertService Improper Input Validation Denial-of-Service Vulnerability
ZDI-25-036
ZDI-CAN-25418
CVE-2024-13167
ZDI-25-035
ZDI-CAN-25417
CVE-2024-13168
ZDI-25-034
ZDI-CAN-25416
CVE-2024-13169
Ivanti Endpoint Manager AlertService Type Confusion Information Disclosure Vulnerability
ZDI-25-033
ZDI-CAN-25415
CVE-2024-13170
ZDI-25-032
ZDI-CAN-25249
CVE-2024-13172
ZDI-25-031
ZDI-CAN-25209
CVE-2024-13158
Ivanti Endpoint Manager MyResolveEventHandler Untrusted Search Path Remote Code Execution Vulnerability
ZDI-25-030
ZDI-CAN-25187
CVE-2025-21363
Microsoft Office Word DOCX File Parsing Uninitialized Pointer Remote Code Execution Vulnerability
ZDI-25-029
ZDI-CAN-25332
CVE-2025-21331
ZDI-25-028
ZDI-CAN-25188
CVE-2025-21298
Microsoft Office Word RTF File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-027
ZDI-CAN-23793
CVE-2024-2886
(Pwn2Own) Google Chrome VideoFrame Use-After-Free Remote Code Execution Vulnerability
ZDI-25-026
ZDI-CAN-24744
CVE-2024-45301
Mintty Path Conversion Improper Input Validation Information Disclosure Vulnerability
ZDI-25-025
ZDI-CAN-22247
CVE-2024-9525
Avira Prime System Speedup Service Link Following Local Privilege Escalation Vulnerability
ZDI-25-024
ZDI-CAN-22246
CVE-2024-9524
ZDI-25-023
ZDI-CAN-22245
CVE-2024-9523
ZDI-25-022
ZDI-CAN-25404
Apple macOS libFontValidation Font Glyph YCoordinate Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-021
ZDI-CAN-25364
Apple macOS libFontValidation Font Glyph Flags Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-020
ZDI-CAN-25366
Apple macOS libFontValidation post Table Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-019
ZDI-CAN-25339
Apple macOS libFontValidation loca Table Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-018
ZDI-CAN-25341
Apple macOS libFontValidation Font Header Name Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-017
ZDI-CAN-25340
Apple macOS libFontValidation kern Table Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-016
ZDI-CAN-25263
CVE-2024-44240, CVE-2024-44302
Apple macOS CoreText Font Ligature Caret List Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-015
ZDI-CAN-25213
ZDI-25-014
ZDI-CAN-24821
CVE-2024-53706
SonicWALL NSv setSshdConfig Exposed Dangerous Function Local Privilege Escalation Vulnerability
ZDI-25-013
ZDI-CAN-24820
CVE-2024-53705
SonicWALL NSv SSH Management Server-Side Request Forgery Vulnerability
ZDI-25-012
ZDI-CAN-24819
CVE-2024-53704
SonicWALL NSv Authentication Bypass Vulnerability
ZDI-25-011
ZDI-CAN-24818
CVE-2024-40762
SonicWALL NSv Cryptographically Weak PRNG Authentication Bypass Vulnerability
ZDI-25-010
ZDI-CAN-24487
CVE-2024-46981
Redis Stack Lua Use-After-Free Remote Code Execution Vulnerability
ZDI-25-009
ZDI-CAN-24143
CVE-2024-55656
Redis Stack RedisBloom Integer Overflow Remote Code Execution Vulnerability
ZDI-25-008
ZDI-CAN-24932
CVE-2024-55955
Trend Micro Deep Security Agent Incorrect Permissions Local Privilege Escalation Vulnerability
ZDI-25-007
ZDI-CAN-23401
CVE-2024-52047
Trend Micro Apex One widget getWidgetPoolManager Local File Inclusion Remote Code Execution Vulnerability
ZDI-25-006
ZDI-CAN-24674
CVE-2024-52049
Trend Micro Apex One LogServer Link Following Local Privilege Escalation Vulnerability
ZDI-25-005
ZDI-CAN-24675
CVE-2024-52048
ZDI-25-004
ZDI-CAN-24566
CVE-2024-55917
Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability
ZDI-25-003
ZDI-CAN-24557
CVE-2024-55632
Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability
ZDI-25-002
ZDI-CAN-24609
CVE-2024-52050
ZDI-25-001
ZDI-CAN-23995
CVE-2024-55631