ZERO-DAY
Last Update: 13.11.2025


ZDI ID | ZDI CAN | AFFECTED VENDOR(S) | CVE | TITLE
ZDI-25-1011 ZDI-CAN-28039 Apple CVE-2025-43432 Apple Safari JavaScriptCore Wasm Function Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-1010 ZDI-CAN-27991 Apple CVE-2025-43457 Apple Safari JavaScriptCore DFG CSE Phase Graph Node Substitution Use-After-Free Remote Code Execution Vulnerability
ZDI-25-1009 ZDI-CAN-27849 Apple CVE-2025-43384 Apple macOS USD readAccessorData Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-1008 ZDI-CAN-27894 Apple CVE-2025-43380 Apple macOS ICC Profile Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-1007 ZDI-CAN-27825 Apple CVE-2025-43438 Apple Safari JavaScriptCore operationMapIteratorNext Type Confusion Information Disclosure Vulnerability
ZDI-25-1006 ZDI-CAN-27796 Apple CVE-2025-43445 Apple macOS CoreText Font Glyph Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-1005 ZDI-CAN-27348 Apple CVE-2025-43401 Apple macOS WindowServer Excessive Iteration Denial-of-Service Vulnerability
ZDI-25-1004 ZDI-CAN-27854 Apple CVE-2025-43386 Apple macOS USD importMeshJointWeights Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-1003 ZDI-CAN-27853 Apple CVE-2025-43383 Apple macOS USD importNodeAnimations Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-1002 ZDI-CAN-27848 Apple CVE-2025-43385 Apple macOS USD importMeshes Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-1001 ZDI-CAN-27263 Microsoft CVE-2025-60709 Microsoft Windows Common Log File System Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-1000 ZDI-CAN-28025 Adobe CVE-2025-61844 Adobe USD-Fileformat-plugins usdGltf Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-999 ZDI-CAN-28023 Adobe CVE-2025-61845 Adobe USD-Fileformat-plugins usdGltf Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-998 ZDI-CAN-28024 Adobe CVE-2025-61843 Adobe USD-Fileformat-plugins usdGltf Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-997 ZDI-CAN-28027 Adobe CVE-2025-61842 Adobe USD-Fileformat-plugins usdGltf Use-After-Free Information Disclosure Vulnerability
ZDI-25-996 ZDI-CAN-28022 Adobe CVE-2025-61841 Adobe USD-Fileformat-plugins usdGltf Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-995 ZDI-CAN-28026 Adobe CVE-2025-61840 Adobe USD-Fileformat-plugins usdGltf Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-994 ZDI-CAN-28072 Adobe CVE-2025-61839 Adobe USD-Fileformat-plugins Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-993 ZDI-CAN-28071 Adobe CVE-2025-61838 Adobe USD-Fileformat-plugins usdGltf Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-992 ZDI-CAN-28021 Adobe CVE-2025-61837 Adobe USD-Fileformat-plugins usdGltf Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-991 ZDI-CAN-27948 Academy Software Foundation CVE-2025-12840 Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-990 ZDI-CAN-27947 Academy Software Foundation CVE-2025-12839 Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-989 ZDI-CAN-27946 Academy Software Foundation CVE-2025-12495 Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-988 ZDI-CAN-27245 MSP360 CVE-2025-12838 MSP360 Free Backup Link Following Local Privilege Escalation Vulnerability
ZDI-25-987 ZDI-CAN-27965 Autodesk CVE-2025-9458 Autodesk AutoCAD PRT File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-986 ZDI-CAN-27900 Autodesk CVE-2025-10885 Autodesk On-Demand Install Services adsk_IPCUpdaterChannel Origin Validation Error Local Privilege Escalation Vulnerability
ZDI-25-985 ZDI-CAN-27323 Delta Electronics CVE-2025-47728 Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-984 ZDI-CAN-26635 Alibaba   Alibaba Cloud Workspace Client Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-25-983 ZDI-CAN-27913 evernote-mcp-server CVE-2025-12489 evernote-mcp-server openBrowser Command Injection Privilege Escalation Vulnerability
ZDI-25-982 ZDI-CAN-26681 oobabooga CVE-2025-12487 oobabooga text-generation-webui trust_remote_code Reliance on Untrusted Inputs Remote Code Execution Vulnerability
ZDI-25-981 ZDI-CAN-26680 oobabooga CVE-2025-12488 oobabooga text-generation-webui trust_remote_code Reliance on Untrusted Inputs Remote Code Execution Vulnerability
ZDI-25-980 ZDI-CAN-24755 Heimdall Data CVE-2025-12486 Heimdall Data Database Proxy Cross-Site Scripting Remote Code Execution Vulnerability
ZDI-25-979 ZDI-CAN-28085 Netgate CVE-2025-12490 Netgate pfSense CE Suricata Path Traversal Remote Code Execution Vulnerability
ZDI-25-978 ZDI-CAN-27823 GIMP CVE-2025-10934 GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-977 ZDI-CAN-27086 Delta Electronics CVE-2025-62579 Delta Electronics ASDA-Soft PAR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-976 ZDI-CAN-27128 Delta Electronics CVE-2025-62580 Delta Electronics ASDA-Soft PAR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-975 ZDI-CAN-27560 X.Org CVE-2025-62231 X.Org Server XkbSetCompatMap Numeric Truncation Error Privilege Escalation Vulnerability
ZDI-25-974 ZDI-CAN-27545 X.Org CVE-2025-62230 X.Org Server XkbRemoveResourceClient Use-After-Free Privilege Escalation Vulnerability
ZDI-25-973 ZDI-CAN-27238 X.Org CVE-2025-62229 X.Org Server present_create_notifies Use-After-Free Privilege Escalation Vulnerability
ZDI-25-972 ZDI-CAN-27830 Krita CVE-2025-59820 Krita TGA File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-971 ZDI-CAN-26677 Delta Electronics CVE-2025-59298 Delta Electronics DIAScreen DPA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-970 ZDI-CAN-26683 Delta Electronics CVE-2025-59299 Delta Electronics DIAScreen DPA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-969 ZDI-CAN-26672 Delta Electronics CVE-2025-59297 Delta Electronics DIAScreen DPA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-968 ZDI-CAN-26687 Delta Electronics CVE-2025-59300 Delta Electronics DIAScreen DPA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-967 ZDI-CAN-25407 Delta Electronics CVE-2025-58319 Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-966 ZDI-CAN-27536 Cisco CVE-2025-20359 Cisco Snort process_mime_body Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-965 ZDI-CAN-27165 DataChain CVE-2025-61677 DataChain data_storage Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-964 ZDI-CAN-28057 Microsoft CVE-2025-50154 Microsoft Windows LNK File Parsing Improper Input Validation NTLM Relay Vulnerability
ZDI-25-963 ZDI-CAN-27061 Veeam CVE-2025-48982 Veeam Agent for Microsoft Windows Link Following Local Privilege Escalation Vulnerability
ZDI-25-962 ZDI-CAN-27895 Oracle CVE-2025-62589 Oracle VirtualBox VMSVGA Integer Overflow Local Privilege Escalation Vulnerability
ZDI-25-961 ZDI-CAN-27933 Oracle CVE-2025-62641 Oracle VirtualBox USB Use-After-Free Local Privilege Escalation Vulnerability
ZDI-25-960 ZDI-CAN-27924 Oracle CVE-2025-62590 Oracle VirtualBox VMSVGA Stack-based Buffer Overflow Local Privilege Escalation Vulnerability
ZDI-25-959 ZDI-CAN-27890 Oracle CVE-2025-62588 Oracle VirtualBox VMSVGA Integer Underflow Local Privilege Escalation Vulnerability
ZDI-25-958 ZDI-CAN-27871 Oracle CVE-2025-62591 Oracle VirtualBox VMSVGA Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-957 ZDI-CAN-27241 Oracle CVE-2025-61759 Oracle VirtualBox Virtio-net Uninitialized Memory Information Disclosure Vulnerability
ZDI-25-956 ZDI-CAN-26631 Ashlar-Vellum CVE-2025-11465 (0Day) Ashlar-Vellum Cobalt CO File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-955 ZDI-CAN-26628 Ashlar-Vellum CVE-2025-11464 (0Day) Ashlar-Vellum Cobalt CO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-954 ZDI-CAN-26626 Ashlar-Vellum CVE-2025-11463 (0Day) Ashlar-Vellum Cobalt XE File Parsing Integer Overflow Remote Code Execution Vulnerability
ZDI-25-953 ZDI-CAN-27289 Microsoft CVE-2025-59284 Microsoft Windows TAR File Parsing NTLM Relay Vulnerability
ZDI-25-952 ZDI-CAN-26912 Ivanti CVE-2025-9872 Ivanti Endpoint Manager UniqueFilename Unrestricted File Upload Remote Code Execution Vulnerability
ZDI-25-951 ZDI-CAN-27136 Allegra CVE-2025-11466 Allegra DatabaseBackupBL Directory Traversal Information Disclosure Vulnerability
ZDI-25-950 ZDI-CAN-26743 7-Zip CVE-2025-11002 7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability
ZDI-25-949 ZDI-CAN-26753 7-Zip CVE-2025-11001 7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability
ZDI-25-948 ZDI-CAN-27130 Jaspersoft CVE-2025-10492 Jaspersoft Jasper Reports JRLoader Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-947 ZDI-CAN-25369 Ivanti CVE-2025-11622 (0Day) Ivanti Endpoint Manager AgentPortal Deserialization of Untrusted Data Local Privilege Escalation Vulnerability
ZDI-25-946 ZDI-CAN-26859 Ivanti CVE-2025-62386 (0Day) Ivanti Endpoint Manager Report_RunPatch SQL Injection Remote Code Execution Vulnerability
ZDI-25-945 ZDI-CAN-26857 Ivanti CVE-2025-62384 (0Day) Ivanti Endpoint Manager MP_Report_Run2 SQL Injection Remote Code Execution Vulnerability
ZDI-25-944 ZDI-CAN-26866 Ivanti CVE-2025-62392 (0Day) Ivanti Endpoint Manager DBDR SQL Injection Remote Code Execution Vulnerability
ZDI-25-943 ZDI-CAN-26865 Ivanti CVE-2025-62391 (0Day) Ivanti Endpoint Manager PatchHistory SQL Injection Remote Code Execution Vulnerability
ZDI-25-942 ZDI-CAN-26864 Ivanti CVE-2025-62390 (0Day) Ivanti Endpoint Manager MP_QueryDetail2 SQL Injection Remote Code Execution Vulnerability
ZDI-25-941 ZDI-CAN-26862 Ivanti CVE-2025-62389 (0Day) Ivanti Endpoint Manager GetCountForQuery SQL Injection Remote Code Execution Vulnerability
ZDI-25-940 ZDI-CAN-26861 Ivanti CVE-2025-62388 (0Day) Ivanti Endpoint Manager MP_QueryDetail SQL Injection Remote Code Execution Vulnerability
ZDI-25-939 ZDI-CAN-26860 Ivanti CVE-2025-62387 (0Day) Ivanti Endpoint Manager MP_VistaReport SQL Injection Remote Code Execution Vulnerability
ZDI-25-938 ZDI-CAN-26858 Ivanti CVE-2025-62385 (0Day) Ivanti Endpoint Manager Report_RunPatch SQL Injection Remote Code Execution Vulnerability
ZDI-25-937 ZDI-CAN-26856 Ivanti CVE-2025-62383 (0Day) Ivanti Endpoint Manager Report_Run SQL Injection Remote Code Execution Vulnerability
ZDI-25-936 ZDI-CAN-26855 Ivanti CVE-2025-11623 (0Day) Ivanti Endpoint Manager Report_Run2 SQL Injection Remote Code Execution Vulnerability
ZDI-25-935 ZDI-CAN-26834 Ivanti CVE-2025-9713 (0Day) Ivanti Endpoint Manager OnSaveToDB Directory Traversal Remote Code Execution Vulnerability
ZDI-25-934 ZDI-CAN-26144 MindManager   MindManager Attachment Insufficient UI Warning Remote Code Execution Vulnerability
ZDI-25-933 ZDI-CAN-27195 Redis CVE-2025-49844 (Pwn2Own) Redis Lua Use-After-Free Remote Code Execution Vulnerability
ZDI-25-932 ZDI-CAN-26916 MLflow CVE-2025-11200 MLflow Weak Password Requirements Authentication Bypass Vulnerability
ZDI-25-931 ZDI-CAN-26921 MLflow CVE-2025-11201 MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability
ZDI-25-930 ZDI-CAN-27787 win-cli-mcp-server CVE-2025-11202 win-cli-mcp-server resolveCommandPath Command Injection Remote Code Execution Vulnerability
ZDI-25-929 ZDI-CAN-26585 LiteLLM CVE-2025-11203 LiteLLM Information health API_KEY Information Disclosure Vulnerability
ZDI-25-928 ZDI-CAN-26824 Delta Electronics CVE-2025-57704 Delta Electronics EIP Builder EIP File Parsing XML External Entity Processing Information Disclosure Vulnerability
ZDI-25-927 ZDI-CAN-26843 Delta Electronics CVE-2025-58320 Delta Electronics DIALink Directory Traversal Authentication Bypass Vulnerability
ZDI-25-926 ZDI-CAN-26827 Delta Electronics CVE-2025-58321 Delta Electronics DIALink Directory Traversal Remote Code Execution Vulnerability
ZDI-25-925 ZDI-CAN-23861 Viessmann CVE-2025-9494 Viessmann Vitogate 300 BN/MB vitogate.cgi form-0-2 Command Injection Remote Code Execution Vulnerability
ZDI-25-924 ZDI-CAN-26504 Fuji Electric CVE-2025-9365 Fuji Electric FRENIC-Loader 4 EXTBM File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-923 ZDI-CAN-26503 Fuji Electric CVE-2025-9365 Fuji Electric FRENIC-Loader 4 EXRTM File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-922 ZDI-CAN-26833 Ivanti CVE-2025-9712 Ivanti Endpoint Manager EFile Directory Traversal Remote Code Execution Vulnerability
ZDI-25-921 ZDI-CAN-26375 Razer CVE-2025-9870 Razer Synapse 3 RazerPhilipsHueUninstall Link Following Local Privilege Escalation Vulnerability
ZDI-25-920 ZDI-CAN-26373 Razer CVE-2025-9871 Razer Synapse 3 Chroma Connect Link Following Local Privilege Escalation Vulnerability
ZDI-25-919 ZDI-CAN-26374 Razer CVE-2025-9869 Razer Synapse 3 Macro Module Link Following Local Privilege Escalation Vulnerability
ZDI-25-918 ZDI-CAN-27382 Fortinet CVE-2025-53609 Fortinet FortiWeb _cmf_get_config_file_path Directory Traversal Information Disclosure Vulnerability
ZDI-25-917 ZDI-CAN-27654 Linux CVE-2025-38562 Linux Kernel ksmbd generate_key context.iov_base Null Pointer Dereference Denial-of-Service Vulnerability
ZDI-25-916 ZDI-CAN-27661 Linux CVE-2025-38561 Linux Kernel ksmbd smb2_sess_setup Preauth_HashValue Race Condition Remote Code Execution Vulnerability
ZDI-25-915 ZDI-CAN-27561 Linux CVE-2025-39698 Linux Kernel io_uring Futex Request Use-After-Free Local Privilege Escalation Vulnerability
ZDI-25-914 ZDI-CAN-27793 GIMP CVE-2025-10925 GIMP ILBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-913 ZDI-CAN-27836 GIMP CVE-2025-10924 GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability
ZDI-25-912 ZDI-CAN-27878 GIMP CVE-2025-10923 GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability
ZDI-25-911 ZDI-CAN-27863 GIMP CVE-2025-10922 GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-910 ZDI-CAN-27803 GIMP CVE-2025-10921 GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-909 ZDI-CAN-27684 GIMP CVE-2025-10920 GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-908 ZDI-CAN-27224 Autodesk CVE-2025-8892 Autodesk AutoCAD PRT File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-907 ZDI-CAN-27557 Autodesk CVE-2025-8354 Autodesk Revit RFA File Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-25-906 ZDI-CAN-26042 SolarWinds CVE-2025-26399 SolarWinds Web Help Desk AjaxProxy Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-905 ZDI-CAN-26474 Gen Digital CVE-2025-3025 Gen Digital CCleaner Link Following Local Privilege Escalation Vulnerability
ZDI-25-904 ZDI-CAN-27283 Dassault Systèmes CVE-2025-9447 Dassault Systèmes eDrawings Viewer PAR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-903 ZDI-CAN-27332 Dassault Systèmes CVE-2025-9449 Dassault Systèmes eDrawings Viewer PAR File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-902 ZDI-CAN-27467 Dassault Systèmes CVE-2025-9450 Dassault Systèmes eDrawings Viewer JT File Parsing Uninitialized Variable Remote Code Execution Vulnerability
ZDI-25-901 ZDI-CAN-27586 Apple CVE-2025-43368 Apple Safari IPC Connection Invalidation Use-After-Free Information Disclosure Vulnerability
ZDI-25-900 ZDI-CAN-27407 Apple CVE-2025-43346 Apple macOS OGG Audio File Header Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-899 ZDI-CAN-27286 Apple CVE-2025-43349 Apple macOS Audio APAC Frame Decoding Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-898 ZDI-CAN-25289 Delta Electronics CVE-2025-53418 Delta Electronics COMMGR Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-897 ZDI-CAN-22241 Avira CVE-2024-13759 Avira Prime Link Following Local Privilege Escalation Vulnerability
ZDI-25-896 ZDI-CAN-26892 Wondershare CVE-2025-10644 (0Day) Wondershare Repairit SAS Token Incorrect Permission Assignment Authentication Bypass Vulnerability
ZDI-25-895 ZDI-CAN-26902 Wondershare CVE-2025-10643 (0Day) Wondershare Repairit Incorrect Permission Assignment Authentication Bypass Vulnerability
ZDI-25-894 ZDI-CAN-26583 Digilent CVE-2025-10203 Digilent WaveForms DWF3WORK File Parsing Directory Traversal Remote Code Execution Vulnerability
ZDI-25-893 ZDI-CAN-26692 Siemens CVE-2025-40762 Siemens Simcenter Femap STP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-892 ZDI-CAN-24739 Microsoft   Microsoft .NET IsTypeAuthorized Deserialization of Untrusted Data Denial-of-Service Vulnerability
ZDI-25-891 ZDI-CAN-26640 Digilent CVE-2025-57778 Digilent DASYLab DSB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-890 ZDI-CAN-26615 Digilent CVE-2025-57777 Digilent DASYLab DSB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-889 ZDI-CAN-26614 Digilent CVE-2025-57776 Digilent DASYLab DSB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-888 ZDI-CAN-26613 Digilent CVE-2025-57775 Digilent DASYLab DSB File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-887 ZDI-CAN-26612 Digilent CVE-2025-57774 Digilent DASYLab DSB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-886 ZDI-CAN-26582 Digilent CVE-2025-9189 Digilent DASYLab DSB File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-885 ZDI-CAN-26581 Digilent CVE-2025-9188 Digilent DASYLab DSB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-884 ZDI-CAN-27261 QEMU CVE-2025-8860 QEMU uefi-vars Uninitialized Memory Information Disclosure Vulnerability
ZDI-25-883 ZDI-CAN-26552 Realtek CVE-2025-8300 Realtek rtl81xx SDK Wi-Fi Driver rtwlanu Heap-based Buffer Overflow Local Privilege Escalation Vulnerability
ZDI-25-882 ZDI-CAN-25857 Realtek CVE-2025-8299 Realtek rtl81xx SDK Wi-Fi Driver MgntActSet_TEREDO_SET_RS_PACKET Heap-based Buffer Overflow Local Privilege Escalation Vulnerability
ZDI-25-881 ZDI-CAN-25864 Realtek CVE-2025-8298 Realtek RTL8811AU rtwlanu.sys N6CQueryInformationHandleCustomized11nOids Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-880 ZDI-CAN-24786 Realtek CVE-2025-8301 Realtek RTL8811AU rtwlanu.sys N6CSet_DOT11_CIPHER_DEFAULT_KEY Heap-based Buffer Overflow Local Privilege Escalation Vulnerability
ZDI-25-879 ZDI-CAN-26553 Realtek CVE-2025-8302 Realtek rtl81xx SDK Wi-Fi Driver rtwlanu Heap-based Buffer Overflow Local Privilege Escalation Vulnerability
ZDI-25-878 ZDI-CAN-26523 Apple CVE-2025-43283 Apple macOS AppleIntelKBLGraphics Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-877 ZDI-CAN-25875 Delta Electronics CVE-2025-53419 Delta Electronics ISPSoft ISP File Parsing Improper Control of Dynamically-Managed Code Remote Code Execution Vulnerability
ZDI-25-876 ZDI-CAN-26744 Siemens CVE-2025-25175 Siemens Simcenter Femap NEU File Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-25-875 ZDI-CAN-26747 Siemens CVE-2025-25175 Siemens Simcenter Femap NEU File Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-25-874 ZDI-CAN-26748 Siemens CVE-2025-25175 Siemens Simcenter Femap NEU File Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-25-873 ZDI-CAN-27504 Linux CVE-2025-38563 Linux Kernel perf Subsystem AUX Buffers Use-After-Free Local Privilege Escalation Vulnerability
ZDI-25-872 ZDI-CAN-27129 TeamViewer CVE-2025-44002 TeamViewer Link Following Denial-of-Service Vulnerability
ZDI-25-871 ZDI-CAN-25847 QNAP CVE-2024-13087 (Pwn2Own) QNAP QHora-322 miro_webserver_lib_RunExecBash Command Injection Remote Code Execution Vulnerability
ZDI-25-870 ZDI-CAN-25709 Foxit CVE-2025-9330 Foxit PDF Reader Update Service Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-25-869 ZDI-CAN-27101 Foxit CVE-2025-9323 Foxit PDF Reader JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-868 ZDI-CAN-26802 Foxit CVE-2025-9324 Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-867 ZDI-CAN-26785 Foxit CVE-2025-9325 Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-866 ZDI-CAN-26784 Foxit CVE-2025-9326 Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-865 ZDI-CAN-26774 Foxit CVE-2025-9327 Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-864 ZDI-CAN-26773 Foxit CVE-2025-9328 Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-863 ZDI-CAN-26772 Foxit CVE-2025-9329 Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-862 ZDI-CAN-27085 Autodesk CVE-2025-5048 Autodesk AutoCAD DGN File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-861 ZDI-CAN-27084 Autodesk CVE-2025-5047 Autodesk AutoCAD DGN File Parsing Uninitialized Variable Remote Code Execution Vulnerability
ZDI-25-860 ZDI-CAN-27083 Autodesk CVE-2025-5046 Autodesk AutoCAD DGN File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-859 ZDI-CAN-26486 Firebird CVE-2025-54989 Firebird SQL Database Server XDR Message Parsing NULL Pointer Dereference Denial-of-Service Vulnerability
ZDI-25-858 ZDI-CAN-25774 Axis Communications   Axis Communications Autodesk Plugin AzureBlobRestAPI axiscontentfiles Remote Code Execution Vulnerability
ZDI-25-857 ZDI-CAN-27433 Ivanti CVE-2025-8297 Ivanti Avalanche FileStoreConfig Arbitrary File Upload Remote Code Execution Vulnerability
ZDI-25-856 ZDI-CAN-27134 Ivanti CVE-2025-8296 Ivanti Avalanche getCountMuStatDevicePropResultsFromMuListAgentIds SQL Injection Remote Code Execution Vulnerability
ZDI-25-855 ZDI-CAN-22195 Cockroach Labs CVE-2025-9276 Cockroach Labs cockroach-k8s-request-cert Empty Root Password Authentication Bypass Vulnerability
ZDI-25-854 ZDI-CAN-21655 Oxford Instruments CVE-2025-9275 (0Day) Oxford Instruments Imaris Viewer IMS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-853 ZDI-CAN-21657 Oxford Instruments CVE-2025-9274 (0Day) Oxford Instruments Imaris Viewer IMS File Parsing Uninitialized Pointer Remote Code Execution Vulnerability
ZDI-25-852 ZDI-CAN-23950 CData CVE-2025-9273 (0Day) CData API Server MySQL Misconfiguration Information Disclosure Vulnerability
ZDI-25-851 ZDI-CAN-27250 NVIDIA CVE-2025-23318 (Pwn2Own) NVIDIA Triton Inference Server IPC Push Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-850 ZDI-CAN-27249 NVIDIA CVE-2025-23333 (Pwn2Own) NVIDIA Triton Inference Server LoadFromSharedMemory Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-849 ZDI-CAN-27181 NVIDIA CVE-2025-23320 (Pwn2Own) NVIDIA Triton Inference Server SharedMemoryManager Error Message Information Disclosure Vulnerability
ZDI-25-848 ZDI-CAN-27209 NVIDIA CVE-2025-23296 NVIDIA Isaac-GR00T secure_server Authentication Bypass Vulnerability
ZDI-25-847 ZDI-CAN-27210 NVIDIA CVE-2025-23296 NVIDIA Isaac-GR00T TorchSerializer Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-846 ZDI-CAN-27058 Apple CVE-2025-31281 Apple macOS USD importMeshJointWeights Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-845 ZDI-CAN-27174 Microsoft CVE-2025-53132 (Pwn2Own) Microsoft Windows win32kfull Race Condition Local Privilege Escalation Vulnerability
ZDI-25-844 ZDI-CAN-27541 Microsoft CVE-2025-53788 Microsoft Windows Subsystem for Linux WslCoreVm::Initialize Incorrect Privilege Management Information Disclosure Vulnerability
ZDI-25-843 ZDI-CAN-27188 Microsoft CVE-2025-50168 (Pwn2Own) Microsoft Windows win32kbase Type Confusion Local Privilege Escalation Vulnerability
ZDI-25-842 ZDI-CAN-27171 Microsoft CVE-2025-53156 (Pwn2Own) Microsoft Windows Exposed Dangerous Function Information Disclosure Vulnerability
ZDI-25-841 ZDI-CAN-27235 Microsoft CVE-2025-53723 (Pwn2Own) Microsoft Windows 11 vhdmp Integer Overflow Local Privilege Escalation Vulnerability
ZDI-25-840 ZDI-CAN-27256 Microsoft CVE-2025-53155 (Pwn2Own) Microsoft Windows 11 vhdmp Improper Validation of Array Index Local Privilege Escalation Vulnerability
ZDI-25-839 ZDI-CAN-26363 Microsoft CVE-2025-53783 Microsoft Teams Real Time Media Manager Integer Underflow Remote Code Execution Vulnerability
ZDI-25-838 ZDI-CAN-27158 Microsoft CVE-2025-50167 (Pwn2Own) Microsoft Windows 11 vhdmp Use-After-Free Local Privilege Escalation Vulnerability
ZDI-25-837 ZDI-CAN-26559 Rockwell Automation CVE-2025-6377 Rockwell Automation Arena Simulation DOE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-836 ZDI-CAN-26556 Rockwell Automation CVE-2025-6376 Rockwell Automation Arena Simulation DOE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-835 ZDI-CAN-26766 NoMachine CVE-2025-8614 NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-25-834 ZDI-CAN-26141 Academy Software Foundation CVE-2025-48071 Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-833 ZDI-CAN-27199 NVIDIA CVE-2025-23298 NVIDIA Transformers4Rec load_model_trainer_states_from_checkpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-832 ZDI-CAN-26478 Delta Electronics CVE-2025-53417 Delta Electronics DIAView Directory Traversal Remote Code Execution Vulnerability
ZDI-25-831 ZDI-CAN-26477 Delta Electronics CVE-2025-53417 Delta Electronics DIAView Directory Traversal Information Disclosure Vulnerability
ZDI-25-830 ZDI-CAN-26463 Schneider Electric CVE-2025-54924 (0Day) Schneider Electric EcoStruxure Power Monitoring Expert GetPagesAsImages Server-Side Request Forgery Information Disclosure Vulnerability
ZDI-25-829 ZDI-CAN-26275 Schneider Electric CVE-2025-54923 (0Day) Schneider Electric EcoStruxure Power Monitoring Expert GetFilteredSinkProvider Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-828 ZDI-CAN-26274 Schneider Electric CVE-2025-54927 (0Day) Schneider Electric EcoStruxure Power Monitoring Expert HttpPostedFile Directory Traversal Remote Code Execution Vulnerability
ZDI-25-827 ZDI-CAN-26273 Schneider Electric CVE-2025-54926 (0Day) Schneider Electric EcoStruxure Power Monitoring Expert GetTgmlContent Directory Traversal Information Disclosure Vulnerability
ZDI-25-826 ZDI-CAN-26464 Schneider Electric CVE-2025-54925 (0Day) Schneider Electric EcoStruxure Power Monitoring Expert ExportDataAsXML Server-Side Request Forgery Information Disclosure Vulnerability
ZDI-25-825 ZDI-CAN-26281 Apple   Apple macOS AudioToolboxCore Audio Conversion Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-824 ZDI-CAN-26364 Microsoft   (0Day) Microsoft Windows Theme File Parsing Improper Input Validation NTLM Relay Vulnerability
ZDI-25-823 ZDI-CAN-26372 Microsoft   (0Day) Microsoft Windows Theme File Parsing Improper Input Validation NTLM Relay Vulnerability
ZDI-25-822 ZDI-CAN-25207 Microsoft   (0Day) Microsoft SharePoint GetTransformer Unsafe Reflection Denial-of-Service Vulnerability
ZDI-25-821 ZDI-CAN-24974 Microsoft   (0Day) Microsoft Windows Internet Explorer Remote Code Execution Vulnerability
ZDI-25-820 ZDI-CAN-24831 Microsoft   (0Day) Microsoft SharePoint IsAuthorizedType Deserialization of Untrusted Data Information Disclosure and Denial-of-Service Vulnerability
ZDI-25-819 ZDI-CAN-24425 Microsoft   (0Day) Microsoft Windows NetBIOS Hostname SmartScreen Bypass Remote Code Execution Vulnerability
ZDI-25-818 ZDI-CAN-24078 Microsoft   (0Day) Microsoft Windows OneDrive SmartScreen Bypass Vulnerability
ZDI-25-817 ZDI-CAN-23584 Microsoft   (0Day) Microsoft Edge PDF NTLM Response Information Disclosure Vulnerability
ZDI-25-816 ZDI-CAN-23960 Microsoft   (0Day) Microsoft Azure AP5GC gNB-ID Use of Multiple Resources with Duplicate Identifier Denial-Of-Service Vulnerability
ZDI-25-815 ZDI-CAN-23990 Microsoft   (0Day) Microsoft Windows CAB File SmartScreen Bypass Vulnerability
ZDI-25-814 ZDI-CAN-23548 Microsoft   (0Day) Microsoft Windows MonikerLink Information Disclosure Vulnerability
ZDI-25-813 ZDI-CAN-23444 Microsoft   (0Day) Microsoft PowerShell TryModuleAutoLoading Directory Traversal Remote Code Execution Vulnerability
ZDI-25-812 ZDI-CAN-23938 Microsoft   (0Day) Microsoft Windows SmartScreen Bypass Remote Code Execution Vulnerability
ZDI-25-811 ZDI-CAN-23946 Microsoft   (0Day) Microsoft Office OfficeApps Unintended Proxy Information Disclosure Vulnerability
ZDI-25-810 ZDI-CAN-23945 Microsoft   (0Day) Microsoft Windows ZIP File Insufficient UI Warning Remote Code Execution Vulnerability
ZDI-25-809 ZDI-CAN-23450 Microsoft   (0Day) Microsoft Exchange PowerShell Exposed Dangerous Method NTLM Relay Vulnerability
ZDI-25-808 ZDI-CAN-26156 AOMEI CVE-2025-8610 (0Day) AOMEI Cyber Backup Missing Authentication for Critical Function Remote Code Execution Vulnerability
ZDI-25-807 ZDI-CAN-26158 AOMEI CVE-2025-8611 (0Day) AOMEI Cyber Backup Missing Authentication for Critical Function Remote Code Execution Vulnerability
ZDI-25-806 ZDI-CAN-27059 AOMEI CVE-2025-8612 (0Day) AOMEI Backupper Workstation Link Following Local Privilege Escalation Vulnerability
ZDI-25-805 ZDI-CAN-25892 Vacron CVE-2025-8613 (0Day) Vacron Camera ping Command Injection Remote Code Execution Vulnerability
ZDI-25-804 ZDI-CAN-26355 Kenwood CVE-2025-8656 (0Day) (Pwn2Own) Kenwood DMX958XR Protection Mechanism Failure Software Downgrade Vulnerability
ZDI-25-803 ZDI-CAN-26314 Kenwood CVE-2025-8655 (0Day) (Pwn2Own) Kenwood DMX958XR libSystemLib Command injection Remote Code Execution Vulnerability
ZDI-25-802 ZDI-CAN-26313 Kenwood CVE-2025-8654 (0Day) (Pwn2Own) Kenwood DMX958XR ReadMVGImage Command Injection Remote Code Execution Vulnerability
ZDI-25-801 ZDI-CAN-26312 Kenwood CVE-2025-8653 (0Day) (Pwn2Own) Kenwood DMX958XR JKRadioService Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-800 ZDI-CAN-26311 Kenwood CVE-2025-8652 (0Day) (Pwn2Own) Kenwood DMX958XR JKWifiService Command Injection Remote Code Execution Vulnerability
ZDI-25-799 ZDI-CAN-26307 Kenwood CVE-2025-8651 (0Day) (Pwn2Own) Kenwood DMX958XR JKWifiService Command Injection Remote Code Execution Vulnerability
ZDI-25-798 ZDI-CAN-26306 Kenwood CVE-2025-8650 (0Day) (Pwn2Own) Kenwood DMX958XR libSystemLib Command Injection Remote Code Execution Vulnerability
ZDI-25-797 ZDI-CAN-26305 Kenwood CVE-2025-8649 (0Day) (Pwn2Own) Kenwood DMX958XR JKWifiService Command Injection Remote Code Execution Vulnerability
ZDI-25-796 ZDI-CAN-26271 Kenwood CVE-2025-8648 (0Day) Kenwood DMX958XR Firmware Update Command Injection Vulnerability
ZDI-25-795 ZDI-CAN-26270 Kenwood CVE-2025-8647 (0Day) Kenwood DMX958XR Firmware Update Command Injection Vulnerability
ZDI-25-794 ZDI-CAN-26269 Kenwood CVE-2025-8646 (0Day) Kenwood DMX958XR Firmware Update Command Injection Vulnerability
ZDI-25-793 ZDI-CAN-26268 Kenwood CVE-2025-8645 (0Day) Kenwood DMX958XR Firmware Update Command Injection Vulnerability
ZDI-25-792 ZDI-CAN-26267 Kenwood CVE-2025-8644 (0Day) Kenwood DMX958XR Firmware Update Command Injection Vulnerability
ZDI-25-791 ZDI-CAN-26266 Kenwood CVE-2025-8643 (0Day) Kenwood DMX958XR Firmware Update Command Injection Vulnerability
ZDI-25-790 ZDI-CAN-26265 Kenwood CVE-2025-8642 (0Day) Kenwood DMX958XR Firmware Update Command Injection Vulnerability
ZDI-25-789 ZDI-CAN-26264 Kenwood CVE-2025-8641 (0Day) Kenwood DMX958XR Firmware Update Command Injection Vulnerability
ZDI-25-788 ZDI-CAN-26263 Kenwood CVE-2025-8640 (0Day) Kenwood DMX958XR Firmware Update Command Injection Vulnerability
ZDI-25-787 ZDI-CAN-26262 Kenwood CVE-2025-8639 (0Day) Kenwood DMX958XR Firmware Update Command Injection Vulnerability
ZDI-25-786 ZDI-CAN-26261 Kenwood CVE-2025-8638 (0Day) Kenwood DMX958XR Firmware Update Command Injection Vulnerability
ZDI-25-785 ZDI-CAN-26260 Kenwood CVE-2025-8637 (0Day) Kenwood DMX958XR Firmware Update Command Injection Vulnerability
ZDI-25-784 ZDI-CAN-26259 Kenwood CVE-2025-8636 (0Day) Kenwood DMX958XR Firmware Update Command Injection Vulnerability
ZDI-25-783 ZDI-CAN-26258 Kenwood CVE-2025-8635 (0Day) Kenwood DMX958XR Firmware Update Command Injection Vulnerability
ZDI-25-782 ZDI-CAN-26257 Kenwood CVE-2025-8634 (0Day) Kenwood DMX958XR Firmware Update Command Injection Vulnerability
ZDI-25-781 ZDI-CAN-26256 Kenwood CVE-2025-8633 (0Day) Kenwood DMX958XR Firmware Update Command Injection Vulnerability
ZDI-25-780 ZDI-CAN-26255 Kenwood CVE-2025-8632 (0Day) Kenwood DMX958XR Firmware Update Command Injection Vulnerability
ZDI-25-779 ZDI-CAN-26254 Kenwood CVE-2025-8631 (0Day) Kenwood DMX958XR Firmware Update Command Injection Vulnerability
ZDI-25-778 ZDI-CAN-26253 Kenwood CVE-2025-8630 (0Day) Kenwood DMX958XR Firmware Update Command Injection Vulnerability
ZDI-25-777 ZDI-CAN-26252 Kenwood CVE-2025-8629 (0Day) Kenwood DMX958XR Firmware Update Command Injection Vulnerability
ZDI-25-776 ZDI-CAN-26064 Kenwood CVE-2025-8628 (0Day) Kenwood DMX958XR Firmware Update Command Injection Vulnerability
ZDI-25-775 ZDI-CAN-25494 Google   (0Day) Google Chrome SwiftShader Out-Of-Bound Write Remote Code Execution Vulnerability
ZDI-25-774 ZDI-CAN-24741 Google   (0Day) Google Drive ZIP File Mark-of-the-Web Bypass Remote Code Execution Vulnerability
ZDI-25-773 ZDI-CAN-24742 Google   (0Day) Google Drive File Sharing Mark-of-the-Web Bypass Vulnerability
ZDI-25-772 ZDI-CAN-27855 Trend Micro CVE-2025-54987 Trend Micro Apex One Console Command Injection Remote Code Execution Vulnerability
ZDI-25-771 ZDI-CAN-27834 Trend Micro CVE-2025-54948 Trend Micro Apex One Console Command Injection Remote Code Execution Vulnerability
ZDI-25-770 ZDI-CAN-25335 Microsoft   Microsoft Skype Chromium Remote Code Execution Vulnerability
ZDI-25-769 ZDI-CAN-27088 NI CVE-2025-7849 NI LabVIEW VI File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-768 ZDI-CAN-27081 NI CVE-2025-7848 NI LabVIEW VI File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-767 ZDI-CAN-26324 Alpine CVE-2025-8477 (0Day) (Pwn2Own) Alpine iLX-507 vCard Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-766 ZDI-CAN-26357 Alpine CVE-2025-8480 (0Day) (Pwn2Own) Alpine iLX-507 Command Injection Remote Code Execution
ZDI-25-765 ZDI-CAN-26322 Alpine CVE-2025-8476 (0Day) (Pwn2Own) Alpine iLX-507 TIDAL Improper Certificate Validation Vulnerability
ZDI-25-764 ZDI-CAN-26321 Alpine CVE-2025-8475 (0Day) (Pwn2Own) Alpine iLX-507 AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-763 ZDI-CAN-26318 Alpine CVE-2025-8474 (0Day) (Pwn2Own) Alpine iLX-507 CarPlay Stack-based Buffer Overflow Code Execution Vulnerability
ZDI-25-762 ZDI-CAN-26317 Alpine CVE-2025-8473 (0Day) (Pwn2Own) Alpine iLX-507 UPDM_wstpCBCUpdStart Command Injection Vulnerability
ZDI-25-761 ZDI-CAN-26316 Alpine CVE-2025-8472 (0Day) (Pwn2Own) Alpine iLX-507 vCard Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-760 ZDI-CAN-25536 QNAP CVE-2024-50388 (Pwn2Own) QNAP TS-464 rsync Daemon Command Injection Remote Code Execution Vulnerability
ZDI-25-759 ZDI-CAN-25656 QNAP CVE-2024-50387 (Pwn2Own) QNAP TS-464 Log Tool SQL Injection Remote Code Execution Vulnerability
ZDI-25-758 ZDI-CAN-25612 QNAP   (Pwn2Own) QNAP TS-464 Samba Command Argument Injection Vulnerability
ZDI-25-757 ZDI-CAN-25673 QNAP   (Pwn2Own) QNAP QHora-322 tar Command Injection Remote Code Execution Vulnerability
ZDI-25-756 ZDI-CAN-25488 QNAP   (Pwn2Own) QNAP QHora-322 Improper Restriction of Communication Channel to Intended Endpoints Vulnerability
ZDI-25-755 ZDI-CAN-25672 QNAP   (Pwn2Own) QNAP QHora-322 qsyslog-cli username Format String Remote Code Execution Vulnerability
ZDI-25-754 ZDI-CAN-25653 QNAP   (Pwn2Own) QNAP TS-464 privWizard.cgi Authentication CRLF Injection Privilege Escalation Vulnerability
ZDI-25-753 ZDI-CAN-25482 QNAP   (Pwn2Own) QNAP TS-464 Improper Handling of URL Encoding Authentication Bypass Vulnerability
ZDI-25-752 ZDI-CAN-25667 QNAP   (Pwn2Own) QNAP QHora-322 gRPC WAN_ADDR6 Command Injection Remote Code Execution Vulnerability
ZDI-25-751 ZDI-CAN-25625 QNAP   (Pwn2Own) QNAP QHora-322 IPv6 Incorrectly Specified Destination in a Communication Channel Network Spoofing Vulnerability
ZDI-25-750 ZDI-CAN-25624 QNAP   (Pwn2Own) QNAP QHora-322 lionic_dpi parseMIME Out-of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-749 ZDI-CAN-25596 QNAP   (Pwn2Own) QNAP QHora-322 qfirewall Improper Restriction of Communication Channel to Intended Endpoints Firewall Bypass Vulnerability
ZDI-25-748 ZDI-CAN-25657 QNAP   (Pwn2Own) QNAP QHora-322 system.db Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability
ZDI-25-747 ZDI-CAN-25646 QNAP   (Pwn2Own) QNAP TS-464 reset_password.cgi Hard-coded Cryptographic Key Authentication Bypass Vulnerability
ZDI-25-746 ZDI-CAN-25645 QNAP   (Pwn2Own) QNAP TS-464 reset_password.cgi Improper Certificate Validation Information Disclosure Vulnerability
ZDI-25-745 ZDI-CAN-25644 QNAP   (Pwn2Own) QNAP TS-464 reset_password.cgi Improper Certificate Validation Information Disclosure Vulnerability
ZDI-25-744 ZDI-CAN-25483 QNAP   (Pwn2Own) QNAP TS-464 reset_password.cgi Improper Certificate Validation Authentication Bypass Vulnerability
ZDI-25-743 ZDI-CAN-25585 QNAP   (Pwn2Own) QNAP TS-464 qnap_exec Command Injection Privilege Escalation Vulnerability
ZDI-25-742 ZDI-CAN-25587 QNAP   (Pwn2Own) QNAP TS-464 Active Directory Authentication Bypass Vulnerability
ZDI-25-741 ZDI-CAN-25580 QNAP CVE-2024-50389 (Pwn2Own) QNAP QHora-322 openvpn_cli user_name SQL Injection Authentication Bypass Vulnerability
ZDI-25-740 ZDI-CAN-25641 QNAP   (Pwn2Own) QNAP QHora-322 backup Use of Hard-coded Cryptographic Key Privilege Escalation Vulnerability
ZDI-25-739 ZDI-CAN-25634 QNAP   (Pwn2Own) QNAP QHora-322 Improper Restriction of Communication Channel to Intended Endpoints Remote Code Execution Vulnerability
ZDI-25-738 ZDI-CAN-25635 QNAP   (Pwn2Own) QNAP QHora-322 SSH Use of Weak Credentials Authentication Bypass Vulnerability
ZDI-25-737 ZDI-CAN-25530 QNAP   (Pwn2Own) QNAP QHora-322 do_fetch Improper Certificate Validation Vulnerability
ZDI-25-736 ZDI-CAN-25632 QNAP   (Pwn2Own) QNAP QHora-322 access_setting HTTP Request Smuggling Vulnerability
ZDI-25-735 ZDI-CAN-25631 QNAP   (Pwn2Own) QNAP QHora-322 local_pwd_reset HTTP Request Smuggling Vulnerability
ZDI-25-734 ZDI-CAN-25633 QNAP   (Pwn2Own) QNAP QHora-322 IPMI Use of Weak Credentials Authentication Bypass Vulnerability
ZDI-25-733 ZDI-CAN-24915 Marvell CVE-2025-8426 (0Day) Marvell QConvergeConsole compressConfigFiles Directory Traversal Information Disclosure and Denial-of-Service Vulnerability
ZDI-25-732 ZDI-CAN-25639 Lorex CVE-2025-8389 (Pwn2Own) Lorex 2K Indoor Wi-Fi Security Camera Improper Validation of Array Index Remote Code Execution Vulnerability
ZDI-25-731 ZDI-CAN-25537 Lorex CVE-2024-52544 (Pwn2Own) Lorex 2K Indoor Wi-Fi Security Camera Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-730 ZDI-CAN-25647 Lorex CVE-2025-3132 (Pwn2Own) Lorex 2K Indoor Wi-Fi Security Camera Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-729 ZDI-CAN-23656 Canonical CVE-2024-50126 (Pwn2Own) Canonical Ubuntu Kernel taprio Scheduler Race Condition Local Privilege Escalation Vulnerability
ZDI-25-728 ZDI-CAN-26782 Apple CVE-2025-31239 Apple macOS MediaToolbox Framework Memory Corruption Remote Code Execution Vulnerability
ZDI-25-727 ZDI-CAN-25365 Apple   Apple macOS libFontValidation kern Table Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-726 ZDI-CAN-25355 Ashlar-Vellum CVE-2025-7993 (0Day) Ashlar-Vellum Cobalt LI File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-725 ZDI-CAN-26238 Ashlar-Vellum CVE-2025-8006 (0Day) Ashlar-Vellum Cobalt XE File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-724 ZDI-CAN-26233 Ashlar-Vellum CVE-2025-8002 (0Day) Ashlar-Vellum Cobalt CO File Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-25-723 ZDI-CAN-26236 Ashlar-Vellum CVE-2025-8004 (0Day) Ashlar-Vellum Cobalt XE File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-722 ZDI-CAN-26237 Ashlar-Vellum CVE-2025-8005 (0Day) Ashlar-Vellum Cobalt XE File Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-25-721 ZDI-CAN-26053 Ashlar-Vellum CVE-2025-8001 (0Day) Ashlar-Vellum Cobalt CO File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-720 ZDI-CAN-26235 Ashlar-Vellum CVE-2025-8003 (0Day) Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-719 ZDI-CAN-26045 Ashlar-Vellum CVE-2025-7997 (0Day) Ashlar-Vellum Cobalt XE File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-718 ZDI-CAN-26051 Ashlar-Vellum CVE-2025-8000 (0Day) Ashlar-Vellum Cobalt LI File Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-25-717 ZDI-CAN-25981 Ashlar-Vellum CVE-2025-7995 (0Day) Ashlar-Vellum Cobalt CO File Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-25-716 ZDI-CAN-25982 Ashlar-Vellum CVE-2025-7996 (0Day) Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-715 ZDI-CAN-26046 Ashlar-Vellum CVE-2025-7998 (0Day) Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-714 ZDI-CAN-25976 Ashlar-Vellum CVE-2025-7994 (0Day) Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-713 ZDI-CAN-26049 Ashlar-Vellum CVE-2025-7999 (0Day) Ashlar-Vellum Cobalt AR File Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-25-712 ZDI-CAN-26299 Tesla CVE-2025-8321 (Pwn2Own) Tesla Wall Connector Firmware Downgrade Vulnerability
ZDI-25-711 ZDI-CAN-26300 Tesla CVE-2025-8320 (Pwn2Own) Tesla Wall Connector Content-Length Header Improper Input Validation Remote Code Execution Vulnerability
ZDI-25-710 ZDI-CAN-24672 SolarWinds CVE-2024-45710 SolarWinds Platform SolarWindsAgent64 Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-25-709 ZDI-CAN-27217 Apple CVE-2025-43214 Apple Safari JavaScriptCore WasmToJSException Type Confusion Remote Code Execution Vulnerability
ZDI-25-708 ZDI-CAN-22536 Mozilla CVE-2024-3863 Mozilla Firefox Web Page Download Mark-Of-The-Web Protection Mechanism Failure Vulnerability
ZDI-25-707 ZDI-CAN-23383 AVG CVE-2024-13960 AVG TuneUp for PC TuneUp Service Link Following Local Privilege Escalation Vulnerability
ZDI-25-706 ZDI-CAN-27226 Autodesk CVE-2025-7675 Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-705 ZDI-CAN-27225 Autodesk CVE-2025-7497 Autodesk AutoCAD PRT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-704 ZDI-CAN-27223 Autodesk CVE-2025-6637 Autodesk AutoCAD PRT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-703 ZDI-CAN-27222 Autodesk CVE-2025-6636 Autodesk AutoCAD PRT File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-702 ZDI-CAN-27253 Autodesk CVE-2025-6635 Autodesk AutoCAD PRT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-701 ZDI-CAN-27221 Autodesk CVE-2025-6631 Autodesk AutoCAD PRT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-700 ZDI-CAN-26927 Autodesk CVE-2025-5038 Autodesk AutoCAD X_T File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-699 ZDI-CAN-26848 Autodesk CVE-2025-5043 Autodesk AutoCAD 3DM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-698 ZDI-CAN-25548 Avast CVE-2024-13962 Avast Cleanup Premium TuneupSvc Link Following Local Privilege Escalation Vulnerability
ZDI-25-697 ZDI-CAN-25498 AVG CVE-2024-13959 AVG TuneUp for PC TuneupSvc Link Following Local Privilege Escalation Vulnerability
ZDI-25-696 ZDI-CAN-25549 Avast CVE-2024-13961 Avast Cleanup Premium TuneupSvc Link Following Local Privilege Escalation Vulnerability
ZDI-25-695 ZDI-CAN-25509 AVG CVE-2024-13944 AVG TuneUp for PC TuneupSvc Link Following Local Privilege Escalation Vulnerability
ZDI-25-694 ZDI-CAN-25406 Delta Electronics CVE-2025-53416 Delta Electronics DTN Soft Project File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-693 ZDI-CAN-25570 Norton CVE-2024-13944 Norton Utilities Ultimate NortonUtilitiesSvc Link Following Local Privilege Escalation Vulnerability
ZDI-25-692 ZDI-CAN-25015 Oracle CVE-2024-21273 Oracle VirtualBox VirtIO-SCSI Uninitialized Memory Information Disclosure Vulnerability
ZDI-25-691 ZDI-CAN-26915 Apple CVE-2025-43221 Apple macOS USD importAnimations Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-690 ZDI-CAN-26909 Apple CVE-2025-43221 Apple macOS USD importNodeAnimations Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-689 ZDI-CAN-27107 Apple CVE-2025-31281 Apple macOS USD importNodeAnimations Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-688 ZDI-CAN-26966 Apple CVE-2025-31281 Apple macOS USD importNodeAnimations Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-687 ZDI-CAN-26846 Apple CVE-2025-31281 Apple macOS USD readAccessorDataToFloat Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-686 ZDI-CAN-26914 Apple CVE-2025-43224 Apple macOS USD importNodeAnimations Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-685 ZDI-CAN-26853 Apple CVE-2025-43224 Apple macOS USD importNodeAnimations Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-684 ZDI-CAN-26830 Apple CVE-2025-43224 Apple macOS USD importNodeAnimations Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-683 ZDI-CAN-27105 Apple CVE-2025-43264 Apple macOS USD importMeshJointWeights Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-682 ZDI-CAN-26829 Apple CVE-2025-43264 Apple macOS USD importMeshes Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-681 ZDI-CAN-27287 Apple CVE-2025-43210 Apple macOS MediaToolbox Framework Memory Corruption Remote Code Execution Vulnerability
ZDI-25-680 ZDI-CAN-27274 Apple CVE-2025-43186 Apple macOS AudioToolbox MP4 File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-679 ZDI-CAN-27106 Apple CVE-2025-43215 Apple macOS USD readColor Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-678 ZDI-CAN-27041 Apple CVE-2025-43239 Apple macOS ICC Profile Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-677 ZDI-CAN-27036 Apple CVE-2025-43218 Apple macOS USD CustomLoadImageData Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-676 ZDI-CAN-26978 Apple CVE-2025-43219 Apple macOS USD importSkeletons Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-675 ZDI-CAN-26847 Apple CVE-2025-31280 Apple macOS USD readAccessorInts Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-674 ZDI-CAN-26636 Apple CVE-2025-43255 Apple macOS AppleIntelKBLGraphics Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-673 ZDI-CAN-26616 Apple CVE-2025-43209 Apple Safari getHourCycles Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-672 ZDI-CAN-25806 Samsung CVE-2025-54442 Samsung MagicINFO 9 Server filenameHasExecutableType Unrestricted File Upload Remote Code Execution Vulnerability
ZDI-25-671 ZDI-CAN-25978 Samsung CVE-2025-54455 Samsung MagicINFO 9 Server PremiumClientService Hard-coded Cryptographic Key Authentication Bypass Vulnerability
ZDI-25-670 ZDI-CAN-25839 Samsung CVE-2025-54454 Samsung MagicINFO 9 Server PremiumClientService Hard-coded Cryptographic Key Authentication Bypass Vulnerability
ZDI-25-669 ZDI-CAN-25802 Samsung CVE-2025-54453 Samsung MagicINFO 9 Server FtpMetaUploadServlet Directory Traversal Remote Code Execution Vulnerability
ZDI-25-668 ZDI-CAN-25800 Samsung CVE-2025-54452 Samsung MagicINFO 9 Server ServletAuthenticationProcessingFilter Authentication Bypass Vulnerability
ZDI-25-667 ZDI-CAN-26058 Samsung CVE-2025-54451 Samsung MagicINFO 9 Server MagicInfoCache Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-666 ZDI-CAN-26057 Samsung CVE-2025-54450 Samsung MagicINFO 9 Server DeviceLogUploadServlet Directory Traversal Remote Code Execution Vulnerability
ZDI-25-665 ZDI-CAN-25873 Samsung CVE-2025-54449 Samsung MagicINFO 9 Server fillLftOrLfdInfo Unrestricted File Upload Remote Code Execution Vulnerability
ZDI-25-664 ZDI-CAN-25874 Samsung CVE-2025-54448 Samsung MagicINFO 9 Server copyResourceToFile Unrestricted File Upload Remote Code Execution Vulnerability
ZDI-25-663 ZDI-CAN-25885 Samsung CVE-2025-54447 Samsung MagicINFO 9 Server OpenApiController Unrestricted File Upload Remote Code Execution Vulnerability
ZDI-25-662 ZDI-CAN-25955 Samsung CVE-2025-54446 Samsung MagicINFO 9 Server ResponseUploadActivity Directory Traversal Remote Code Execution Vulnerability
ZDI-25-661 ZDI-CAN-25860 Samsung CVE-2025-54445 Samsung MagicINFO 9 Server parseXMLString XML External Entity Processing Information Disclosure Vulnerability
ZDI-25-660 ZDI-CAN-25804 Samsung CVE-2025-54444 Samsung MagicINFO 9 Server filenameHasExecutableType Unrestricted File Upload Remote Code Execution Vulnerability
ZDI-25-659 ZDI-CAN-25772 Samsung CVE-2025-54443 Samsung MagicINFO 9 Server SWUpdateFileUploadServlet Directory Traversal Remote Code Execution Vulnerability
ZDI-25-658 ZDI-CAN-25807 Samsung CVE-2025-54441 Samsung MagicINFO 9 Server getFontFileFromMagicInfoServer Unrestricted File Upload Remote Code Execution Vulnerability
ZDI-25-657 ZDI-CAN-26519 Samsung CVE-2025-54440 Samsung MagicINFO 9 Server MagicInfoWebAuthorClient Unrestricted File Upload Remote Code Execution Vulnerability
ZDI-25-656 ZDI-CAN-25809 Samsung CVE-2025-54439 Samsung MagicINFO 9 Server getZipFileListForImport Unrestricted File Upload Remote Code Execution Vulnerability
ZDI-25-655 ZDI-CAN-26520 Samsung CVE-2025-54438 Samsung MagicINFO 9 Server downloadChangedFiles Directory Traversal Authentication Bypass Vulnerability
ZDI-25-654 ZDI-CAN-26280 SolarWinds CVE-2025-26397 SolarWinds TFTP Server Deserialization of Untrusted Data Local Privilege Escalation Vulnerability
ZDI-25-653 ZDI-CAN-27791 Microsoft CVE-2025-53770 (Pwn2Own) Microsoft SharePoint Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-652 ZDI-CAN-27790 Microsoft CVE-2025-53771 (Pwn2Own) Microsoft SharePoint ToolPane Authentication Bypass Vulnerability
ZDI-25-651 ZDI-CAN-27159 Red Hat CVE-2025-38350 (Pwn2Own) Red Hat Enterprise Linux CBS Packet Scheduling Use-After-Free Local Privilege Escalation Vulnerability
ZDI-25-650 ZDI-CAN-26647 ATEN CVE-2025-6685 ATEN eco DC Missing Authorization Privilege Escalation Vulnerability
ZDI-25-649 ZDI-CAN-25685 Veeam CVE-2025-24287 Veeam Agent for Microsoft Windows Incorrect Default Permissions Local Privilege Escalation Vulnerability
ZDI-25-648 ZDI-CAN-26882 Anritsu CVE-2025-7976 Anritsu ShockLine CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-647 ZDI-CAN-26913 Anritsu CVE-2025-7975 Anritsu ShockLine CHX File Parsing Directory Traversal Remote Code Execution Vulnerability
ZDI-25-646 ZDI-CAN-26780 Amazon CVE-2025-8069 Amazon AWS Client VPN Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-25-645 ZDI-CAN-27254 Autodesk CVE-2025-5037 Autodesk Revit RFA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-644 ZDI-CAN-25862 Ashlar-Vellum CVE-2025-7988 (0Day) Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-643 ZDI-CAN-25945 Ashlar-Vellum CVE-2025-7991 (0Day) Ashlar-Vellum Cobalt VC6 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-642 ZDI-CAN-25972 Ashlar-Vellum CVE-2025-7992 (0Day) Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-641 ZDI-CAN-25756 Ashlar-Vellum CVE-2025-7987 (0Day) Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-640 ZDI-CAN-25943 Ashlar-Vellum CVE-2025-7989 (0Day) Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-639 ZDI-CAN-25755 Ashlar-Vellum CVE-2025-7986 (0Day) Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-638 ZDI-CAN-25944 Ashlar-Vellum CVE-2025-7990 (0Day) Ashlar-Vellum Cobalt VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-637 ZDI-CAN-25704 Ashlar-Vellum CVE-2025-7985 (0Day) Ashlar-Vellum Cobalt VC6 File Parsing Integer Overflow Remote Code Execution Vulnerability
ZDI-25-636 ZDI-CAN-25700 Ashlar-Vellum CVE-2025-7984 (0Day) Ashlar-Vellum Cobalt AR File Parsing Uninitialized Variable Remote Code Execution Vulnerability
ZDI-25-635 ZDI-CAN-25477 Ashlar-Vellum CVE-2025-7983 (0Day) Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-634 ZDI-CAN-25475 Ashlar-Vellum CVE-2025-7981 (0Day) Ashlar-Vellum Graphite VC6 File Parsing Uninitialized Variable Remote Code Execution Vulnerability
ZDI-25-633 ZDI-CAN-25463 Ashlar-Vellum CVE-2025-7979 (0Day) Ashlar-Vellum Graphite VC6 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-632 ZDI-CAN-25459 Ashlar-Vellum CVE-2025-7978 (0Day) Ashlar-Vellum Graphite VC6 File Parsing Uninitialized Variable Remote Code Execution Vulnerability
ZDI-25-631 ZDI-CAN-25465 Ashlar-Vellum CVE-2025-7980 (0Day) Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-630 ZDI-CAN-25476 Ashlar-Vellum CVE-2025-7982 (0Day) Ashlar-Vellum Cobalt LI File Parsing Integer Overflow Remote Code Execution Vulnerability
ZDI-25-629 ZDI-CAN-25354 Ashlar-Vellum CVE-2025-7977 (0Day) Ashlar-Vellum Cobalt LI File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-628 ZDI-CAN-26346 Phoenix Contact CVE-2025-25271 (Pwn2Own) Phoenix Contact CHARX SEC-3150 OCPP Authentication Bypass Vulnerability
ZDI-25-627 ZDI-CAN-26517 rocket.chat CVE-2025-7974 rocket.chat Incorrect Authorization Information Disclosure Vulnerability
ZDI-25-626 ZDI-CAN-27193 NVIDIA CVE-2025-23266 (Pwn2Own) NVIDIA Container Toolkit Environment Variable Handling Local Privilege Escalation Vulnerability
ZDI-25-625 ZDI-CAN-26062 Veeam CVE-2025-24286 Veeam Backup Enterprise Manager JobManagmentService Improper Access Control Remote Code Execution Vulnerability
ZDI-25-624 ZDI-CAN-23328 Phoenix Contact CVE-2024-25995 (Pwn2Own) Phoenix Contact CHARX SEC-3100 Command Injection Remote Code Execution Vulnerability
ZDI-25-623 ZDI-CAN-26332 Phoenix Contact CVE-2025-25270 (Pwn2Own) Phoenix Contact CHARX SEC-3150 Origin Validation Error Firewall Bypass Vulnerability
ZDI-25-622 ZDI-CAN-26331 Phoenix Contact CVE-2025-25268 (Pwn2Own) Phoenix Contact CHARX SEC-3150 Configuration Service Missing Authentication Vulnerability
ZDI-25-621 ZDI-CAN-26350 Phoenix Contact CVE-2025-25269 (Pwn2Own) Phoenix Contact CHARX SEC-3150 DHCP Configuration Command Injection Remote Code Execution Vulnerability
ZDI-25-620 ZDI-CAN-26901 Dassault Systèmes CVE-2025-6973 Dassault Systèmes eDrawings Viewer JT File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-619 ZDI-CAN-26813 Dassault Systèmes CVE-2025-0831 Dassault Systèmes eDrawings Viewer JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-618 ZDI-CAN-26895 Dassault Systèmes CVE-2025-6974 Dassault Systèmes eDrawings Viewer JT File Parsing Uninitialized Variable Remote Code Execution Vulnerability
ZDI-25-617 ZDI-CAN-26971 Dassault Systèmes CVE-2025-6972 Dassault Systèmes eDrawings Viewer CATPRODUCT File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-616 ZDI-CAN-26975 Dassault Systèmes CVE-2025-6971 Dassault Systèmes eDrawings Viewer CATPRODUCT File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-615 ZDI-CAN-27117 Dassault Systèmes CVE-2025-7042 Dassault Systèmes eDrawings Viewer IPT File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-614 ZDI-CAN-25791 Hewlett Packard Enterprise CVE-2025-37107 Hewlett Packard Enterprise AutoPass License Server Authentication Bypass Vulnerability
ZDI-25-613 ZDI-CAN-25790 Hewlett Packard Enterprise CVE-2025-37106 Hewlett Packard Enterprise AutoPass License Server Hard-coded Credentials Authentication Bypass Vulnerability
ZDI-25-612 ZDI-CAN-25789 Hewlett Packard Enterprise CVE-2025-37105 Hewlett Packard Enterprise AutoPass License Server Hard-coded Credentials Remote Code Execution Vulnerability
ZDI-25-611 ZDI-CAN-27123 VMware CVE-2025-41239 VMware ESXi VMCI Uninitialized Memory Information Disclosure Vulnerability
ZDI-25-610 ZDI-CAN-27391 Linux CVE-2025-38191 Linux Kernel ksmbd destroy_previous_session Null Pointer Dereference Denial-of-Service Vulnerability
ZDI-25-609 ZDI-CAN-27121 Cisco CVE-2025-20281 Cisco Identity Services Engine invokeStrongSwanShellScript Command Injection Remote Code Execution Vulnerability
ZDI-25-608 ZDI-CAN-26483 Cisco CVE-2025-20282 Cisco Identity Services Engine handleFilesUpload Unrestricted File Upload Remote Code Execution Vulnerability
ZDI-25-607 ZDI-CAN-26481 Cisco CVE-2025-20337 Cisco Identity Services Engine enableStrongSwanTunnel Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-606 ZDI-CAN-26482 Cisco CVE-2025-20284 Cisco Identity Services Engine handleStrongSwanTunnelStatus Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-605 ZDI-CAN-26480 Cisco CVE-2025-20285 Cisco Identity Services Engine IpAccessFilter Direct Request Authentication Bypass Vulnerability
ZDI-25-604 ZDI-CAN-26479 Cisco CVE-2025-20283 Cisco Identity Services Engine disableStrongSwanTunnel Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-603 ZDI-CAN-27152 Autodesk CVE-2025-5037 Autodesk Revit RTE File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-602 ZDI-CAN-27154 Oracle CVE-2025-53027 (Pwn2Own) Oracle VirtualBox OHCI USB Controller Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
ZDI-25-601 ZDI-CAN-27122 Oracle CVE-2025-53024 (Pwn2Own) Oracle VirtualBox VMSVGA Integer Overflow Local Privilege Escalation Vulnerability
ZDI-25-600 ZDI-CAN-27163 Oracle CVE-2025-53028 (Pwn2Own) Oracle VirtualBox VMSVGA Out-Of-Bounds Write Local Privilege Escalation Vulnerability
ZDI-25-599 ZDI-CAN-26653 Oracle CVE-2025-53026 Oracle VirtualBox LSILogic Uninitialized Memory Information Disclosure Vulnerability
ZDI-25-598 ZDI-CAN-26654 Oracle CVE-2025-53025 Oracle VirtualBox BusLogic Uninitialized Memory Information Disclosure Vulnerability
ZDI-25-597 ZDI-CAN-26922 Autodesk CVE-2025-5037 Autodesk Revit RFA File Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-25-596 ZDI-CAN-26917 Autodesk CVE-2025-5040 Autodesk Revit RTE File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-595 ZDI-CAN-27098 Autodesk CVE-2025-5037 Autodesk Revit RFA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-594 ZDI-CAN-26963 Autodesk CVE-2025-5037 Autodesk Revit RFA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-593 ZDI-CAN-26925 Autodesk CVE-2025-5037 Autodesk Revit RVT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-592 ZDI-CAN-26923 Autodesk CVE-2025-5037 Autodesk Revit RVT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-591 ZDI-CAN-26161 Delta Electronics CVE-2025-53415 Delta Electronics DTM Soft BIN File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-590 ZDI-CAN-26240 G DATA CVE-2025-2790 G DATA Total Security GDTunerSvc Link Following Local Privilege Escalation Vulnerability
ZDI-25-589 ZDI-CAN-25342 Trend Micro CVE-2025-53378 Trend Micro Worry-Free Business Security Missing Authentication Vulnerability
ZDI-25-588 ZDI-CAN-26484 Trend Micro CVE-2025-53503 Trend Micro Cleaner One Pro Link Following Local Privilege Escalation Vulnerability
ZDI-25-587 ZDI-CAN-26473 Luxion CVE-2025-7222 Luxion KeyShot 3DM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-586 ZDI-CAN-25729 Trend Micro CVE-2025-52837 Trend Micro Password Manager Link Following Local Privilege Escalation Vulnerability
ZDI-25-585 ZDI-CAN-26887 Trend Micro CVE-2025-52521 Trend Micro Maximum Security Link Following Local Privilege Escalation Vulnerability
ZDI-25-584 ZDI-CAN-27167 Microsoft CVE-2025-49727 Microsoft Windows win32kfull Out-Of-Bounds Write Local Privilege Escalation Vulnerability
ZDI-25-583 ZDI-CAN-26791 Microsoft CVE-2025-49732 Microsoft Windows win32kfull Out-Of-Bounds Write Local Privilege Escalation Vulnerability
ZDI-25-582 ZDI-CAN-27246 Microsoft CVE-2025-49740 Microsoft Windows Startup Folder SmartScreen Bypass Vulnerability
ZDI-25-581 ZDI-CAN-27247 Microsoft CVE-2025-49704 (Pwn2Own) Microsoft SharePoint DataSetSurrogateSelector Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-580 ZDI-CAN-27162 Microsoft CVE-2025-49706 (Pwn2Own) Microsoft SharePoint ToolPane Authentication Bypass Vulnerability
ZDI-25-579 ZDI-CAN-26249 Microsoft CVE-2025-47993 Microsoft PC Manager Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-25-578 ZDI-CAN-26768 Microsoft CVE-2025-49742 Microsoft Windows win32kfull Integer Overflow Local Privilege Escalation Vulnerability
ZDI-25-577 ZDI-CAN-26358 Microsoft CVE-2025-48820 Microsoft Windows AppX Deployment Service Link Following Local Privilege Escalation Vulnerability
ZDI-25-576 ZDI-CAN-26572 Siemens CVE-2025-40738 Siemens SINEC NMS uploadFWBinary Directory Traversal Remote Code Execution Vulnerability
ZDI-25-575 ZDI-CAN-26571 Siemens CVE-2025-40737 Siemens SINEC NMS unZipJarFilestoLocation Directory Traversal Remote Code Execution Vulnerability
ZDI-25-574 ZDI-CAN-26569 Siemens CVE-2025-40736 Siemens SINEC NMS reqToChangePassword Authentication Bypass Vulnerability
ZDI-25-573 ZDI-CAN-26376 IrfanView CVE-2025-7299 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-572 ZDI-CAN-26434 IrfanView CVE-2025-7325 IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-571 ZDI-CAN-26430 IrfanView CVE-2025-7324 IrfanView CADImage Plugin DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-570 ZDI-CAN-26428 IrfanView CVE-2025-7323 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-569 ZDI-CAN-26423 IrfanView CVE-2025-7322 IrfanView CADImage Plugin DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-568 ZDI-CAN-26421 IrfanView CVE-2025-7321 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-567 ZDI-CAN-26418 IrfanView CVE-2025-7320 IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-566 ZDI-CAN-26413 IrfanView CVE-2025-7319 IrfanView CADImage Plugin DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-565 ZDI-CAN-26412 IrfanView CVE-2025-7318 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-564 ZDI-CAN-26411 IrfanView CVE-2025-7317 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-563 ZDI-CAN-26410 IrfanView CVE-2025-7316 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-562 ZDI-CAN-26408 IrfanView CVE-2025-7315 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-561 ZDI-CAN-26400 IrfanView CVE-2025-7314 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-560 ZDI-CAN-26399 IrfanView CVE-2025-7313 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-559 ZDI-CAN-26398 IrfanView CVE-2025-7312 IrfanView CADImage Plugin DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-558 ZDI-CAN-26395 IrfanView CVE-2025-7311 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-557 ZDI-CAN-26391 IrfanView CVE-2025-7309 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-556 ZDI-CAN-26393 IrfanView CVE-2025-7310 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-555 ZDI-CAN-26389 IrfanView CVE-2025-7308 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-554 ZDI-CAN-26388 IrfanView CVE-2025-7307 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-553 ZDI-CAN-26387 IrfanView CVE-2025-7306 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-552 ZDI-CAN-26386 IrfanView CVE-2025-7305 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-551 ZDI-CAN-26385 IrfanView CVE-2025-7304 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-550 ZDI-CAN-26384 IrfanView CVE-2025-7303 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-549 ZDI-CAN-26381 IrfanView CVE-2025-7302 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-548 ZDI-CAN-26380 IrfanView CVE-2025-7301 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-547 ZDI-CAN-26377 IrfanView CVE-2025-7300 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-546 ZDI-CAN-26243 IrfanView CVE-2025-7296 IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-545 ZDI-CAN-26244 IrfanView CVE-2025-7297 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-544 ZDI-CAN-26242 IrfanView CVE-2025-7295 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-543 ZDI-CAN-26230 IrfanView CVE-2025-7294 IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-542 ZDI-CAN-26246 IrfanView CVE-2025-7298 IrfanView CADImage Plugin DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-541 ZDI-CAN-26229 IrfanView CVE-2025-7293 IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-540 ZDI-CAN-26228 IrfanView CVE-2025-7292 IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-539 ZDI-CAN-26227 IrfanView CVE-2025-7291 IrfanView CADImage Plugin DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-538 ZDI-CAN-26226 IrfanView CVE-2025-7290 IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-537 ZDI-CAN-26221 IrfanView CVE-2025-7285 IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-536 ZDI-CAN-26220 IrfanView CVE-2025-7284 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-535 ZDI-CAN-26225 IrfanView CVE-2025-7289 IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-534 ZDI-CAN-26224 IrfanView CVE-2025-7288 IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-533 ZDI-CAN-26223 IrfanView CVE-2025-7287 IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-532 ZDI-CAN-26222 IrfanView CVE-2025-7286 IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-531 ZDI-CAN-26219 IrfanView CVE-2025-7283 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-530 ZDI-CAN-26216 IrfanView CVE-2025-7282 IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-529 ZDI-CAN-26215 IrfanView CVE-2025-7281 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-528 ZDI-CAN-26214 IrfanView CVE-2025-7280 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-527 ZDI-CAN-26213 IrfanView CVE-2025-7279 IrfanView CADImage Plugin CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-526 ZDI-CAN-26211 IrfanView CVE-2025-7278 IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-525 ZDI-CAN-26203 IrfanView CVE-2025-7274 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-524 ZDI-CAN-26209 IrfanView CVE-2025-7277 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-523 ZDI-CAN-26208 IrfanView CVE-2025-7276 IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-522 ZDI-CAN-26204 IrfanView CVE-2025-7275 IrfanView CADImage Plugin CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-521 ZDI-CAN-26198 IrfanView CVE-2025-7272 IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-520 ZDI-CAN-26193 IrfanView CVE-2025-7271 IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-519 ZDI-CAN-26202 IrfanView CVE-2025-7273 IrfanView CADImage Plugin DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-518 ZDI-CAN-26189 IrfanView CVE-2025-7270 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-517 ZDI-CAN-26188 IrfanView CVE-2025-7269 IrfanView CADImage Plugin DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-516 ZDI-CAN-26182 IrfanView CVE-2025-7268 IrfanView CADImage Plugin DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-515 ZDI-CAN-26179 IrfanView CVE-2025-7267 IrfanView CADImage Plugin DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-514 ZDI-CAN-26174 IrfanView CVE-2025-7266 IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-513 ZDI-CAN-26173 IrfanView CVE-2025-7265 IrfanView CADImage Plugin CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-512 ZDI-CAN-26171 IrfanView CVE-2025-7264 IrfanView CADImage Plugin CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-511 ZDI-CAN-26170 IrfanView CVE-2025-7263 IrfanView CADImage Plugin CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-510 ZDI-CAN-26132 IrfanView CVE-2025-7262 IrfanView CADImage Plugin DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-509 ZDI-CAN-26130 IrfanView CVE-2025-7261 IrfanView CADImage Plugin DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-508 ZDI-CAN-26129 IrfanView CVE-2025-7260 IrfanView CADImage Plugin DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-507 ZDI-CAN-26127 IrfanView CVE-2025-7258 IrfanView CADImage Plugin DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-506 ZDI-CAN-26085 IrfanView CVE-2025-7239 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-505 ZDI-CAN-26084 IrfanView CVE-2025-7238 IrfanView CADImage Plugin DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-504 ZDI-CAN-26083 IrfanView CVE-2025-7237 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-503 ZDI-CAN-26126 IrfanView CVE-2025-7257 IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-502 ZDI-CAN-26119 IrfanView CVE-2025-7256 IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-501 ZDI-CAN-26098 IrfanView CVE-2025-7248 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-500 ZDI-CAN-26118 IrfanView CVE-2025-7255 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-499 ZDI-CAN-26096 IrfanView CVE-2025-7247 IrfanView CADImage Plugin DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-498 ZDI-CAN-26095 IrfanView CVE-2025-7246 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-497 ZDI-CAN-26093 IrfanView CVE-2025-7244 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-496 ZDI-CAN-26113 IrfanView CVE-2025-7254 IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-495 ZDI-CAN-26074 IrfanView CVE-2025-7234 IrfanView CADImage Plugin CGM File Parsing Out-of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-494 ZDI-CAN-26072 IrfanView CVE-2025-7233 IrfanView CADImage Plugin DWG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-493 ZDI-CAN-26112 IrfanView CVE-2025-7253 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-492 ZDI-CAN-26100 IrfanView CVE-2025-7249 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-491 ZDI-CAN-26091 IrfanView CVE-2025-7243 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-490 ZDI-CAN-26088 IrfanView CVE-2025-7242 IrfanView CADImage Plugin DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-489 ZDI-CAN-26087 IrfanView CVE-2025-7241 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-488 ZDI-CAN-26086 IrfanView CVE-2025-7240 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-487 ZDI-CAN-26080 IrfanView CVE-2025-7236 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-486 ZDI-CAN-26107 IrfanView CVE-2025-7250 IrfanView CADImage Plugin DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-485 ZDI-CAN-26075 IrfanView CVE-2025-7235 IrfanView CADImage Plugin DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-484 ZDI-CAN-26109 IrfanView CVE-2025-7252 IrfanView CADImage Plugin DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-483 ZDI-CAN-26108 IrfanView CVE-2025-7251 IrfanView CADImage Plugin DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-482 ZDI-CAN-25724 INVT CVE-2025-7231 (0Day) INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-481 ZDI-CAN-25723 INVT CVE-2025-7230 (0Day) INVT VT-Designer PM3 File Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-25-480 ZDI-CAN-25722 INVT CVE-2025-7229 (0Day) INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-479 ZDI-CAN-25571 INVT CVE-2025-7228 (0Day) INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-478 ZDI-CAN-25550 INVT CVE-2025-7227 (0Day) INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-477 ZDI-CAN-25048 INVT CVE-2025-7226 (0Day) INVT HMITool VPM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-476 ZDI-CAN-25047 INVT CVE-2025-7225 (0Day) INVT HMITool VPM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-475 ZDI-CAN-25045 INVT CVE-2025-7224 (0Day) INVT HMITool VPM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-474 ZDI-CAN-25044 INVT CVE-2025-7223 (0Day) INVT HMITool VPM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-473 ZDI-CAN-25039 Parallels CVE-2025-6812 Parallels Client Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-25-472 ZDI-CAN-26720 Delta Electronics CVE-2025-47726 Delta Electronics CNCSoft Screen Editor DPB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-471 ZDI-CAN-26842 Delta Electronics CVE-2025-47727 Delta Electronics CNCSoft Screen Editor DPB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-470 ZDI-CAN-26719 Delta Electronics CVE-2025-47725 Delta Electronics CNCSoft Screen Editor DPB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-469 ZDI-CAN-26718 Delta Electronics CVE-2025-47724 Delta Electronics CNCSoft Screen Editor DPB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-468 ZDI-CAN-26061 GFI CVE-2019-18935, CVE-2017-11317, CVE-2014-2217 GFI Archiver Telerik Web UI Remote Code Execution Vulnerability
ZDI-25-467 ZDI-CAN-27381 GStreamer CVE-2025-6663 GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-466 ZDI-CAN-25218 Marvell CVE-2025-6809 (0Day) Marvell QConvergeConsole readNICParametersFromFile Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-465 ZDI-CAN-25217 Marvell CVE-2025-6808 (0Day) Marvell QConvergeConsole readObjectFromConfigFile Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-464 ZDI-CAN-24922 Marvell CVE-2025-6802 (0Day) Marvell QConvergeConsole getFileFromURL Unrestricted File Upload Remote Code Execution Vulnerability
ZDI-25-463 ZDI-CAN-24980 Marvell CVE-2025-6807 (0Day) Marvell QConvergeConsole getDriverTmpPath Directory Traversal Information Disclosure Vulnerability
ZDI-25-462 ZDI-CAN-24979 Marvell CVE-2025-6806 (0Day) Marvell QConvergeConsole decryptFile Directory Traversal Arbitrary File Write Vulnerability
ZDI-25-461 ZDI-CAN-24925 Marvell CVE-2025-6805 (0Day) Marvell QConvergeConsole deleteEventLogFile Directory Traversal Arbitrary File Deletion Vulnerability
ZDI-25-460 ZDI-CAN-24921 Marvell CVE-2025-6801 (0Day) Marvell QConvergeConsole saveNICParamsToFile Directory Traversal Arbitrary File Write Vulnerability
ZDI-25-459 ZDI-CAN-24920 Marvell CVE-2025-6800 (0Day) Marvell QConvergeConsole restoreESwitchConfig Directory Traversal Information Disclosure Vulnerability
ZDI-25-458 ZDI-CAN-24919 Marvell CVE-2025-6799 (0Day) Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure Vulnerability
ZDI-25-457 ZDI-CAN-24918 Marvell CVE-2025-6798 (0Day) Marvell QConvergeConsole deleteAppFile Directory Traversal Arbitrary File Deletion Vulnerability
ZDI-25-456 ZDI-CAN-24917 Marvell CVE-2025-6797 (0Day) Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure Vulnerability
ZDI-25-455 ZDI-CAN-24914 Marvell CVE-2025-6795 (0Day) Marvell QConvergeConsole getFileUploadSize Directory Traversal Information Disclosure Vulnerability
ZDI-25-454 ZDI-CAN-24913 Marvell CVE-2025-6794 (0Day) Marvell QConvergeConsole saveAsText Directory Traversal Remote Code Execution Vulnerability
ZDI-25-453 ZDI-CAN-24924 Marvell CVE-2025-6804 (0Day) Marvell QConvergeConsole compressFirmwareDumpFiles Directory Traversal Information Disclosure Vulnerability
ZDI-25-452 ZDI-CAN-24923 Marvell CVE-2025-6803 (0Day) Marvell QConvergeConsole compressDriverFiles Directory Traversal Information Disclosure Vulnerability
ZDI-25-451 ZDI-CAN-24916 Marvell CVE-2025-6796 (0Day) Marvell QConvergeConsole getAppFileBytes Directory Traversal Information Disclosure Vulnerability
ZDI-25-450 ZDI-CAN-24912 Marvell CVE-2025-6793 (0Day) Marvell QConvergeConsole QLogicDownloadImpl Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability
ZDI-25-449 ZDI-CAN-25397 Mescius CVE-2025-6811 (0Day) Mescius ActiveReports.NET TypeResolutionService Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-448 ZDI-CAN-25246 Mescius CVE-2025-6810 (0Day) Mescius ActiveReports.NET ReadValue Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-447 ZDI-CAN-26985 PDF-XChange CVE-2025-6662 PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-446 ZDI-CAN-26823 PDF-XChange CVE-2025-6661 PDF-XChange Editor App Object Use-After-Free Remote Code Execution Vulnerability
ZDI-25-445 ZDI-CAN-26734 PDF-XChange CVE-2025-6659 PDF-XChange Editor PRC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-444 ZDI-CAN-26733 PDF-XChange CVE-2025-6658 PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-443 ZDI-CAN-26763 PDF-XChange CVE-2025-6660 PDF-XChange Editor GIF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-442 ZDI-CAN-26732 PDF-XChange CVE-2025-6657 PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-441 ZDI-CAN-26731 PDF-XChange CVE-2025-6656 PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-440 ZDI-CAN-26730 PDF-XChange CVE-2025-6655 PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-439 ZDI-CAN-26729 PDF-XChange CVE-2025-6654 PDF-XChange Editor PRC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-438 ZDI-CAN-26726 PDF-XChange CVE-2025-6653 PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-437 ZDI-CAN-26724 PDF-XChange CVE-2025-6652 PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-436 ZDI-CAN-26713 PDF-XChange CVE-2025-6651 PDF-XChange Editor JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-435 ZDI-CAN-26712 PDF-XChange CVE-2025-6650 PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-434 ZDI-CAN-26709 PDF-XChange CVE-2025-6649 PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-433 ZDI-CAN-26671 PDF-XChange CVE-2025-6648 PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-432 ZDI-CAN-26644 PDF-XChange CVE-2025-6647 PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-431 ZDI-CAN-26643 PDF-XChange CVE-2025-6646 PDF-XChange Editor U3D File Parsing Use-After-Free Information Disclosure Vulnerability
ZDI-25-430 ZDI-CAN-26642 PDF-XChange CVE-2025-6645 PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-429 ZDI-CAN-26536 PDF-XChange CVE-2025-6644 PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-428 ZDI-CAN-26532 PDF-XChange CVE-2025-6643 PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-427 ZDI-CAN-26530 PDF-XChange CVE-2025-6642 PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-426 ZDI-CAN-26528 PDF-XChange CVE-2025-6641 PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-425 ZDI-CAN-26527 PDF-XChange CVE-2025-6640 PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-424 ZDI-CAN-26415 Mikrotik CVE-2025-6443 Mikrotik RouterOS VXLAN Source IP Improper Access Control Vulnerability
ZDI-25-423 ZDI-CAN-23719 Microsoft   Microsoft WinJS winjsdevelop Uncontrolled Search Path Element Remote Code Execution Vulnerability
ZDI-25-422 ZDI-CAN-24823 Microsoft   Microsoft Azure Machine Learning Environments Denial-of-Service Vulnerability
ZDI-25-421 ZDI-CAN-24622 Microsoft   Microsoft Azure App Services Information Disclosure Vulnerability
ZDI-25-420 ZDI-CAN-26241 PaperCut CVE-2024-8404 PaperCut NG web-print-hot-folder Link Following Local Privilege Escalation Vulnerability
ZDI-25-419 ZDI-CAN-26660 TeamViewer CVE-2025-36537 TeamViewer Incorrect Permission Assignment Local Privilege Escalation Vulnerability
ZDI-25-418 ZDI-CAN-26498 Apple CVE-2025-31196 Apple macOS CoreGraphics PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-417 ZDI-CAN-26010 Clam AntiVirus CVE-2025-20234 Clam AntiVirus UDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-416 ZDI-CAN-25837 ServiceStack CVE-2025-6445 ServiceStack FindType Directory Traversal Remote Code Execution Vulnerability
ZDI-25-415 ZDI-CAN-25834 ServiceStack CVE-2025-6444 ServiceStack GetErrorResponse Improper Input Validation NTLM Relay Vulnerability
ZDI-25-414 ZDI-CAN-21876 Ruby CVE-2025-6442 Ruby WEBrick read_header HTTP Request Smuggling Vulnerability
ZDI-25-413 ZDI-CAN-26018 Fuji Electric CVE-2025-41388 Fuji Electric Smart Editor TL5 File Parsing Stack-Based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-412 ZDI-CAN-26031 Fuji Electric CVE-2025-41413 Fuji Electric Smart Editor X1 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-411 ZDI-CAN-26167 Delta Electronics CVE-2025-47728 Delta Electronics CNCSoft-G2 DPAX File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-410 ZDI-CAN-27104 Allegra CVE-2025-6216 Allegra calculateTokenExpDate Password Recovery Authentication Bypass Vulnerability
ZDI-25-409 ZDI-CAN-27198 RARLAB CVE-2025-6218 RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability
ZDI-25-408 ZDI-CAN-24161 PEAK-System CVE-2025-6217 PEAK-System Driver PCANFD_ADD_FILTERS Time-Of-Check Time-Of-Use Information Disclosure Vulnerability
ZDI-25-407 ZDI-CAN-25346 SolarWinds CVE-2024-28988 SolarWinds Web Help Desk AjaxProxy Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-406 ZDI-CAN-25087 SolarWinds CVE-2024-45711 SolarWinds Serv-U FTP Service Directory Traversal Remote Code Execution Vulnerability
ZDI-25-405 ZDI-CAN-26024 Fuji Electric CVE-2025-41388 Fuji Electric Smart Editor X1 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-404 ZDI-CAN-26022 Fuji Electric CVE-2025-41388 Fuji Electric Smart Editor X1 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-403 ZDI-CAN-26020 Fuji Electric CVE-2025-41388 Fuji Electric Smart Editor V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-402 ZDI-CAN-25942 Fuji Electric CVE-2025-41388 Fuji Electric Smart Editor TL5 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-401 ZDI-CAN-26028 Fuji Electric CVE-2025-41413 Fuji Electric Smart Editor V10 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-400 ZDI-CAN-26032 Fuji Electric CVE-2025-32412 Fuji Electric Smart Editor TL5 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-399 ZDI-CAN-26026 Fuji Electric CVE-2025-41388 Fuji Electric Smart Editor V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-398 ZDI-CAN-25876 Trend Micro CVE-2025-49384 Trend Micro Internet Security Platinum Host Service Link Following Local Privilege Escalation Vulnerability
ZDI-25-397 ZDI-CAN-25049 Delta Electronics CVE-2025-3495 Delta Electronics COMMGR Insufficient Randomization Authentication Bypass Vulnerability
ZDI-25-396 ZDI-CAN-25916 Siemens CVE-2025-31353 Siemens TeleControl Server Basic UpdateOpcSettings SQL Injection Information Disclosure Vulnerability
ZDI-25-395 ZDI-CAN-25915 Siemens CVE-2025-31352 Siemens TeleControl Server Basic UpdateGateways SQL Injection Information Disclosure Vulnerability
ZDI-25-394 ZDI-CAN-25917 Siemens CVE-2025-31351 Siemens TeleControl Server Basic CreateProject SQL Injection Information Disclosure Vulnerability
ZDI-25-393 ZDI-CAN-25918 Siemens CVE-2025-31350 Siemens TeleControl Server Basic UpdateBufferingSettings SQL Injection Information Disclosure Vulnerability
ZDI-25-392 ZDI-CAN-25919 Siemens CVE-2025-31349 Siemens TeleControl Server Basic UpdateSmtpSettings SQL Injection Information Disclosure Vulnerability
ZDI-25-391 ZDI-CAN-25920 Siemens CVE-2025-31343 Siemens TeleControl Server Basic UpdateTcmSettings SQL Injection Information Disclosure Vulnerability
ZDI-25-390 ZDI-CAN-25921 Siemens CVE-2025-30032 Siemens TeleControl Server Basic UpdateDatabaseSettings SQL Injection Information Disclosure Vulnerability
ZDI-25-389 ZDI-CAN-25922 Siemens CVE-2025-30031 Siemens TeleControl Server Basic UpdateUsers SQL Injection Information Disclosure Vulnerability
ZDI-25-388 ZDI-CAN-25924 Siemens CVE-2025-30030 Siemens TeleControl Server Basic ImportDatabase SQL Injection Information Disclosure Vulnerability
ZDI-25-387 ZDI-CAN-25910 Siemens CVE-2025-30003 Siemens TeleControl Server Basic UpdateProjectConnections SQL Injection Information Disclosure Vulnerability
ZDI-25-386 ZDI-CAN-25909 Siemens CVE-2025-30002 Siemens TeleControl Server Basic UpdateConnectionVariables SQL Injection Information Disclosure Vulnerability
ZDI-25-385 ZDI-CAN-25923 Siemens CVE-2025-29905 Siemens TeleControl Server Basic RestoreFromBackup SQL Injection Remote Code Execution Vulnerability
ZDI-25-384 ZDI-CAN-25913 Siemens CVE-2025-27540 Siemens TeleControl Server Basic Authenticate SQL Injection Remote Code Execution Vulnerability
ZDI-25-383 ZDI-CAN-25914 Siemens CVE-2025-27539 Siemens TeleControl Server Basic VerifyUser SQL Injection Remote Code Execution Vulnerability
ZDI-25-382 ZDI-CAN-25912 Siemens CVE-2025-32475 Siemens TeleControl Server Basic UpdateProject SQL Injection Information Disclosure Vulnerability
ZDI-25-381 ZDI-CAN-25911 Siemens CVE-2025-27495 Siemens TeleControl Server Basic CreateTrace SQL Injection Remote Code Execution Vulnerability
ZDI-25-380 ZDI-CAN-25877 Trend Micro CVE-2025-49385 Trend Micro Maximum Security Platinum Host Service Link Following Local Privilege Escalation Vulnerability
ZDI-25-379 ZDI-CAN-25589 Ubiquiti Networks CVE-2025-23117 (Pwn2Own) Ubiquiti Networks AI Bullet Insufficient Firmware Update Validation Remote Code Execution Vulnerability
ZDI-25-378 ZDI-CAN-25588 Ubiquiti Networks CVE-2025-23116 (Pwn2Own) Ubiquiti Networks UniFi Console Missing Authentication for Critical Function Authentication Bypass Vulnerability
ZDI-25-377 ZDI-CAN-25603 Ubiquiti Networks CVE-2025-23119 (Pwn2Own) Ubiquiti Networks AI Bullet Improper Neutralization of Escape Sequences Authentication Bypass Vulnerability
ZDI-25-376 ZDI-CAN-25666 Ubiquiti Networks CVE-2025-23118 (Pwn2Own) Ubiquiti Networks AI Bullet Improper Certificate Validation Authentication Bypass Vulnerability
ZDI-25-375 ZDI-CAN-25526 Trend Micro CVE-2025-49218 Trend Micro Endpoint Encryption ProcessWhereClause SQL Injection Privilege Escalation Vulnerability
ZDI-25-374 ZDI-CAN-25505 Trend Micro CVE-2025-49217 Trend Micro Endpoint Encryption ValidateToken Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-373 ZDI-CAN-25519 Trend Micro CVE-2025-49216 Trend Micro Endpoint Encryption DbAppDomain Authentication Bypass Vulnerability
ZDI-25-372 ZDI-CAN-25527 Trend Micro CVE-2025-49215 Trend Micro Endpoint Encryption GetGroupFilteredUsers SQL Injection Privilege Escalation Vulnerability
ZDI-25-371 ZDI-CAN-25518 Trend Micro CVE-2025-49212 Trend Micro Endpoint Encryption DeserializeFromBase64String Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-370 ZDI-CAN-25506 Trend Micro CVE-2025-49213 Trend Micro Endpoint Encryption PolicyServerWindowsService Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-369 ZDI-CAN-25507 Trend Micro CVE-2025-49212 Trend Micro Endpoint Encryption PolicyValueTableSerializationBinder Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-368 ZDI-CAN-25528 Trend Micro CVE-2025-49211 Trend Micro Endpoint Encryption BuildEnterpriseSearchString SQL Injection Privilege Escalation Vulnerability
ZDI-25-367 ZDI-CAN-25495 Trend Micro CVE-2025-49220 Trend Micro Apex Central ConvertFromJson Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-366 ZDI-CAN-25286 Trend Micro CVE-2025-49219 Trend Micro Apex Central GetReportDetailView Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-365 ZDI-CAN-25771 Trend Micro CVE-2025-49158 Trend Micro Apex One Security Agent ntrmv Uncontrolled Search Path Local Privilege Escalation Vulnerability
ZDI-25-364 ZDI-CAN-25273 Trend Micro CVE-2025-49157 Trend Micro Apex One Damage Cleanup Engine Link Following Local Privilege Escalation Vulnerability
ZDI-25-363 ZDI-CAN-24973 Trend Micro CVE-2025-49156 Trend Micro Apex One Virus Scan Engine Link Following Local Privilege Escalation Vulnerability
ZDI-25-362 ZDI-CAN-24571 Trend Micro CVE-2025-49155 Trend Micro Apex One Data Loss Prevention Uncontrolled Search Path Remote Code Execution Vulnerability
ZDI-25-361 ZDI-CAN-25574 Trend Micro CVE-2025-48443 Trend Micro Password Manager Link Following Local Privilege Escalation Vulnerability
ZDI-25-360 ZDI-CAN-23056 Trend Micro CVE-2025-49487 Trend Micro Worry-Free Business Security Uncontrolled Search Path Element Arbitrary Code Execution Vulnerability
ZDI-25-359 ZDI-CAN-26586 Microsoft CVE-2025-47959 Microsoft Visual Studio initializeCommand Insufficient UI Warning Remote Code Execution Vulnerability
ZDI-25-358 ZDI-CAN-26285 Sony CVE-2025-5820 (Pwn2Own) Sony XAV-AX8500 Bluetooth ERTM Channel Authentication Bypass Vulnerability
ZDI-25-357 ZDI-CAN-26284 Sony CVE-2025-5476 (Pwn2Own) Sony XAV-AX8500 Bluetooth Improper Isolation Authentication Bypass Vulnerability
ZDI-25-356 ZDI-CAN-26290 Sony CVE-2025-5479 (Pwn2Own) Sony XAV-AX8500 Bluetooth AVCTP Protocol Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-355 ZDI-CAN-26288 Sony CVE-2025-5478 (Pwn2Own) Sony XAV-AX8500 Bluetooth SDP Protocol Integer Overflow Remote Code Execution Vulnerability
ZDI-25-354 ZDI-CAN-26286 Sony CVE-2025-5477 (Pwn2Own) Sony XAV-AX8500 Bluetooth L2CAP Protocol Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-353 ZDI-CAN-26283 Sony CVE-2025-5475 (Pwn2Own) Sony XAV-AX8500 Bluetooth Packet Handling Integer Overflow Remote Code Execution Vulnerability
ZDI-25-352 ZDI-CAN-26079 Pioneer CVE-2025-5832 Pioneer DMH-WT7600NEX Software Update Signing Insufficient Verification of Data Authenticity Vulnerability
ZDI-25-351 ZDI-CAN-26078 Pioneer CVE-2025-5834 Pioneer DMH-WT7600NEX Missing Immutable Root of Trust in Hardware Local Privilege Escalation Vulnerability
ZDI-25-350 ZDI-CAN-26077 Pioneer CVE-2025-5833 Pioneer DMH-WT7600NEX Root Filesystem Insufficient Verification of Data Authenticity Vulnerability
ZDI-25-349 ZDI-CAN-26327 Autel CVE-2025-5830 (Pwn2Own) Autel MaxiCharger AC Wallbox Commercial DLB_SlaveRegister Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-348 ZDI-CAN-26330 Autel CVE-2025-5829 (Pwn2Own) Autel MaxiCharger AC Wallbox Commercial autocharge Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-347 ZDI-CAN-26328 Autel CVE-2025-5828 (Pwn2Own) Autel MaxiCharger AC Wallbox Commercial wLength Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-346 ZDI-CAN-26369 Autel CVE-2025-5827 (Pwn2Own) Autel MaxiCharger AC Wallbox Commercial ble_process_esp32_msg Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-345 ZDI-CAN-26368 Autel CVE-2025-5826 (Pwn2Own) Autel MaxiCharger AC Wallbox Commercial ble_process_esp32_msg Misinterpretation of Input Vulnerability
ZDI-25-344 ZDI-CAN-26354 Autel CVE-2025-5825 (Pwn2Own) Autel MaxiCharger AC Wallbox Commercial Firmware Downgrade Remote Code Execution Vulnerability
ZDI-25-343 ZDI-CAN-26353 Autel CVE-2025-5824 (Pwn2Own) Autel MaxiCharger AC Wallbox Commercial Origin Validation Error Authentication Bypass Vulnerability
ZDI-25-342 ZDI-CAN-26352 Autel   (Pwn2Own) Autel MaxiCharger AC Wallbox Commercial PIN Missing Authentication Information Disclosure Vulnerability
ZDI-25-341 ZDI-CAN-26351 Autel CVE-2025-5823 (Pwn2Own) Autel MaxiCharger AC Wallbox Commercial Serial Number Exposed Dangerous Method Information Disclosure Vulnerability
ZDI-25-340 ZDI-CAN-26325 Autel CVE-2025-5822 (Pwn2Own) Autel MaxiCharger AC Wallbox Commercial Technician API Incorrect Authorization Privilege Escalation Vulnerability
ZDI-25-339 ZDI-CAN-25932 Jupyter CVE-2025-30167 JupyterLab Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-25-338 ZDI-CAN-26593 Adobe CVE-2025-43574 Adobe Acrobat Reader DC Collab Object Use-After-Free Remote Code Execution Vulnerability
ZDI-25-337 ZDI-CAN-26777 Adobe CVE-2025-47112 Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-336 ZDI-CAN-26590 Adobe CVE-2025-43573 Adobe Acrobat Reader DC Collab Object Use-After-Free Remote Code Execution Vulnerability
ZDI-25-335 ZDI-CAN-26342 Adobe CVE-2025-43575 Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-334 ZDI-CAN-26776 Microsoft CVE-2025-30394 Microsoft Windows Remote Desktop Gateway Service Null Pointer Dereference Denial-of-Service Vulnerability
ZDI-25-333 ZDI-CAN-26487 Microsoft CVE-2025-32714 Microsoft Windows Installer Service Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-25-332 ZDI-CAN-26710 Microsoft CVE-2025-33075 Microsoft Windows Installer Service Link Following Local Privilege Escalation Vulnerability
ZDI-25-331 ZDI-CAN-26852 Autodesk CVE-2025-5036 Autodesk Revit RFA File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-330 ZDI-CAN-26292 WOLFBOX CVE-2025-5751 (0Day) (Pwn2Own) WOLFBOX Level 2 EV Charger Management Card Hard-coded Credentials Authentication Bypass Vulnerability
ZDI-25-329 ZDI-CAN-26294 WOLFBOX CVE-2025-5750 (0Day) (Pwn2Own) WOLFBOX Level 2 EV Charger tuya_svc_devos_activate_result_parse Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-328 ZDI-CAN-26295 WOLFBOX CVE-2025-5749 (0Day) (Pwn2Own) WOLFBOX Level 2 EV Charger BLE Encryption Keys Uninitialized Variable Authentication Bypass Vulnerability
ZDI-25-327 ZDI-CAN-26349 WOLFBOX CVE-2025-5748 (0Day) (Pwn2Own) WOLFBOX Level 2 EV Charger LAN OTA Exposed Dangerous Method Remote Code Execution Vulnerability
ZDI-25-326 ZDI-CAN-26501 WOLFBOX CVE-2025-5747 (0Day) (Pwn2Own) WOLFBOX Level 2 EV Charger MCU Command Parsing Misinterpretation of Input Remote Code Execution Vulnerability
ZDI-25-325 ZDI-CAN-25954 Hewlett Packard Enterprise CVE-2025-37099 Hewlett Packard Enterprise Insight Remote Support processAttachmentDataStream Directory Traversal Remote Code Execution Vulnerability
ZDI-25-324 ZDI-CAN-26168 Sante CVE-2025-5481 Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-323 ZDI-CAN-26767 Action1 CVE-2025-5480 Action1 Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-25-322 ZDI-CAN-26962 2BrightSparks CVE-2025-5474 2BrightSparks SyncBackFree Link Following Local Privilege Escalation Vulnerability
ZDI-25-321 ZDI-CAN-26752 GIMP CVE-2025-5473 GIMP ICO File Parsing Integer Overflow Remote Code Execution Vulnerability
ZDI-25-320 ZDI-CAN-26279 SolarWinds CVE-2025-26396 SolarWinds DameWare Mini Remote Control Service Incorrect Permissions Local Privilege Escalation Vulnerability
ZDI-25-319 ZDI-CAN-25316 Hewlett Packard Enterprise CVE-2025-37096 Hewlett Packard Enterprise StoreOnce VSA getServerCertificate Command Injection Remote Code Execution Vulnerability
ZDI-25-318 ZDI-CAN-25315 Hewlett Packard Enterprise CVE-2025-37095 Hewlett Packard Enterprise StoreOnce VSA getServerPayload Directory Traversal Information Disclosure Vulnerability
ZDI-25-317 ZDI-CAN-25314 Hewlett Packard Enterprise CVE-2025-37094 Hewlett Packard Enterprise StoreOnce VSA deletePackages Directory Traversal Arbitrary File Deletion Vulnerability
ZDI-25-316 ZDI-CAN-24985 Hewlett Packard Enterprise CVE-2025-37093 Hewlett Packard Enterprise StoreOnce VSA Authentication Bypass Vulnerability
ZDI-25-315 ZDI-CAN-24984 Hewlett Packard Enterprise CVE-2025-37092 Hewlett Packard Enterprise StoreOnce VSA queryHardwareReportLocally Command Injection Remote Code Execution Vulnerability
ZDI-25-314 ZDI-CAN-24983 Hewlett Packard Enterprise CVE-2025-37091 Hewlett Packard Enterprise StoreOnce VSA doExecute Command Injection Remote Code Execution Vulnerability
ZDI-25-313 ZDI-CAN-24982 Hewlett Packard Enterprise CVE-2025-37090 Hewlett Packard Enterprise StoreOnce VSA determineInclusionAndExtract Server-Side Request Forgery Vulnerability
ZDI-25-312 ZDI-CAN-24981 Hewlett Packard Enterprise CVE-2025-37089 Hewlett Packard Enterprise StoreOnce VSA setLocateBeaconOnHardware Command Injection Remote Code Execution Vulnerability
ZDI-25-311 ZDI-CAN-25865 Sonos CVE-2025-1051 (Pwn2Own) Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-310 ZDI-CAN-26505 Linux CVE-2025-22037 Linux Kernel ksmbd Session Setup Null Pointer Dereference Denial-of-Service Vulnerability
ZDI-25-309 ZDI-CAN-25779 Canon CVE-2025-2146 (Pwn2Own) Canon imageCLASS MF656Cdw sfpcmAuthenticateSecAdmin Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-308 ZDI-CAN-25684 Adobe CVE-2025-30310 Adobe Dreamweaver V8 Remote Code Execution Vulnerability
ZDI-25-307 ZDI-CAN-26711 Linux   Linux Kernel OpenvSwitch Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-306 ZDI-CAN-23513 Docker CVE-2024-5652 Docker Desktop Helper Service Link Following Local Privilege Escalation Vulnerability
ZDI-25-305 ZDI-CAN-24156 Apple CVE-2025-31219 Apple XNU kernel vm_map Race Condition Local Privilege Escalation Vulnerability
ZDI-25-304 ZDI-CAN-26603 Apple CVE-2025-31251 Apple macOS JPEG Image Decoding Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-303 ZDI-CAN-26148 Apple CVE-2025-24222 Apple Safari SandboxBroker ZIP File Processing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-302 ZDI-CAN-26650 Apple CVE-2025-31239 Apple macOS CoreMedia Framework Memory Corruption Remote Code Execution Vulnerability
ZDI-25-301 ZDI-CAN-26150 Apple CVE-2025-31238 Apple Safari Scrollbar Animation Use-After-Free Remote Code Execution Vulnerability
ZDI-25-300 ZDI-CAN-26714 Apple CVE-2025-31209 Apple macOS PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-299 ZDI-CAN-26783 Apple CVE-2025-31208 Apple macOS acv2 Codec Converter Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-298 ZDI-CAN-26826 Apple CVE-2025-31233 Apple macOS MP4 File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-297 ZDI-CAN-24936 Trend Micro CVE-2025-47867 Trend Micro Apex Central widget getBlock Local File Inclusion Remote Code Execution Vulnerability
ZDI-25-296 ZDI-CAN-25331 Trend Micro CVE-2025-47866 Trend Micro Apex Central modTMCM Unrestricted File Upload Vulnerability
ZDI-25-295 ZDI-CAN-24938 Trend Micro CVE-2025-47865 Trend Micro Apex Central widget getObjWGFServiceApiByApiName Local File Inclusion Remote Code Execution Vulnerability
ZDI-25-294 ZDI-CAN-26137 Microsoft CVE-2025-29975 Microsoft PC Manager MSPCManagerService Link Following Local Privilege Escalation Vulnerability
ZDI-25-293 ZDI-CAN-26153 Microsoft CVE-2025-29837 Microsoft Windows Installer Service Link Following Information Disclosure Vulnerability
ZDI-25-292 ZDI-CAN-27202 Mozilla CVE-2025-4918 (Pwn2Own) Mozilla Firefox SpiderMonkey Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-291 ZDI-CAN-27172 Mozilla CVE-2025-4919 (Pwn2Own) Mozilla Firefox IonMonkey JIT Compiler Integer Overflow Remote Code Execution Vulnerability
ZDI-25-290 ZDI-CAN-25727 Rockwell Automation CVE-2025-3617 Rockwell Automation ThinManager ThinServer Link Following Local Privilege Escalation Vulnerability
ZDI-25-289 ZDI-CAN-25872 Rockwell Automation CVE-2025-3618 Rockwell Automation ThinManager ThinServer Null Pointer Dereference Denial-of-Service Vulnerability
ZDI-25-288 ZDI-CAN-25181 Fortinet CVE-2025-25254 Fortinet FortiWeb cgi_httpcontentrouting_post Directory Traversal Remote Code Execution Vulnerability
ZDI-25-287 ZDI-CAN-25977 JetBrains CVE-2025-46618 JetBrains TeamCity Diagnostics Data Directory Cross-Site Scripting Vulnerability
ZDI-25-286 ZDI-CAN-26017 Dassault Systèmes CVE-2025-1883 Dassault Systèmes eDrawings Viewer OBJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-285 ZDI-CAN-26029 Dassault Systèmes CVE-2025-1884 Dassault Systèmes eDrawings Viewer SLDPRT File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-284 ZDI-CAN-22063 MATE Desktop   MATE Desktop Atril Document Viewer EPUB File Parsing Directory Traversal Remote Code Execution Vulnerability
ZDI-25-283 ZDI-CAN-22225 MATE Desktop   MATE Desktop Atril Document Viewer CBT File Parsing Argument Injection Remote Code Execution Vulnerability
ZDI-25-282 ZDI-CAN-26502 Webmin CVE-2025-2774 Webmin CRLF Injection Privilege Escalation Vulnerability
ZDI-25-281 ZDI-CAN-25017 Cisco CVE-2025-20175 Cisco IOS XE SNMP SET cewProxyClass Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-280 ZDI-CAN-25024 Cisco CVE-2025-20170 Cisco IOS XE SNMP GET-NEXT ciscoFlashChipCode Unexpected Sign Extension Denial-of-Service Vulnerability
ZDI-25-279 ZDI-CAN-25022 Cisco CVE-2025-20173 Cisco IOS XE SNMP GET-NEXT cContextMappingBridgeDomainIdentifier Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-278 ZDI-CAN-25021 Cisco CVE-2025-20176 Cisco IOS XE SNMP GET-NEXT ctspIpSgtValue Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-277 ZDI-CAN-25020 Cisco CVE-2025-20175 Cisco IOS XE SNMP SET cewEventTime Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-276 ZDI-CAN-25019 Cisco CVE-2025-20174 Cisco IOS XE SNMP GET-NEXT cilmCurrentImageLevel Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-275 ZDI-CAN-25018 Cisco CVE-2025-20171 Cisco IOS XE SNMP GET-NEXT callHomeUserDefCmdName Unexpected Sign Extension Denial-of-Service Vulnerability
ZDI-25-274 ZDI-CAN-25575 Cisco CVE-2025-20172 Cisco IOS XE SNMP OID Handling Out-Of-Bounds Read Denial-of-Service Vulnerability
ZDI-25-273 ZDI-CAN-25023 Cisco CVE-2025-20172 Cisco IOS XE SNMP OID Handling Out-Of-Bounds Read Denial-of-Service Vulnerability
ZDI-25-272 ZDI-CAN-25576 Cisco CVE-2025-20172 Cisco IOS XE SNMP OID Handling Out-Of-Bounds Read Denial-of-Service Vulnerability
ZDI-25-271 ZDI-CAN-25577 Cisco CVE-2025-20172 Cisco IOS XE SNMP OID Handling Out-Of-Bounds Read Denial-of-Service Vulnerability
ZDI-25-270 ZDI-CAN-25030 Cisco CVE-2025-20169 Cisco IOS XE SNMP GET-NEXT ciscoFlashFileSize Unexpected Sign Extension Denial-of-Service Vulnerability
ZDI-25-269 ZDI-CAN-25663 Synology CVE-2024-10445 (Pwn2Own) Synology BeeStation BST150-4T Unnecessary Privileges Remote Code Execution Vulnerability
ZDI-25-268 ZDI-CAN-25448 GStreamer CVE-2025-2759 GStreamer Incorrect Permission Assignment Local Privilege Escalation Vulnerability
ZDI-25-267 ZDI-CAN-26596 GStreamer CVE-2025-3887 GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-266 ZDI-CAN-22235 Apache CVE-2025-29953 Apache ActiveMQ NMS Body Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-265 ZDI-CAN-23800 Tesla CVE-2025-2082 (Pwn2Own) Tesla Model 3 VCSEC Integer Overflow Remote Code Execution Vulnerability
ZDI-25-264 ZDI-CAN-23201 Tesla CVE-2024-6032 (Pwn2Own) Tesla Model S Iris Modem ql_atfwd Command Injection Code Execution Vulnerability
ZDI-25-263 ZDI-CAN-23200 Tesla CVE-2024-6030 (Pwn2Own) Tesla Model S oFono Unnecessary Privileges Sandbox Escape Vulnerability
ZDI-25-262 ZDI-CAN-23199 Tesla CVE-2024-13943 (Pwn2Own) Tesla Model S Iris Modem QCMAP_ConnectionManager Improper Input Validation Sandbox Escape Vulnerability
ZDI-25-261 ZDI-CAN-23198 Tesla CVE-2024-6031 (Pwn2Own) Tesla Model S oFono AT Command Heap-based Buffer Overflow Code Execution Vulnerability
ZDI-25-260 ZDI-CAN-23197 Tesla CVE-2024-6029 (Pwn2Own) Tesla Model S Iris Modem Race Condition Firewall Bypass Vulnerability
ZDI-25-259 ZDI-CAN-23843 Adobe CVE-2024-34098 (Pwn2Own) Adobe Acrobat Reader DC Collab Command Injection Remote Code Execution Vulnerability
ZDI-25-258 ZDI-CAN-23553 Adobe CVE-2024-34099 (Pwn2Own) Adobe Acrobat Reader DC distributionURL JavaScript API Restrictions Bypass Vulnerability
ZDI-25-257 ZDI-CAN-23786 Oracle CVE-2024-21113 (Pwn2Own) Oracle VirtualBox OHCI USB Controller Race Condition Local Privilege Escalation Vulnerability
ZDI-25-256 ZDI-CAN-26610 Avast CVE-2025-3500 Avast Free Antivirus Integer Overflow Local Privilege Escalation Vulnerability
ZDI-25-255 ZDI-CAN-25730 Allegra CVE-2025-3486 Allegra isZipEntryValide Directory Traversal Remote Code Execution Vulnerability
ZDI-25-254 ZDI-CAN-26524 Allegra CVE-2025-3485 Allegra extractFileFromZip Directory Traversal Remote Code Execution Vulnerability
ZDI-25-253 ZDI-CAN-25726 SonicWALL CVE-2025-32817 SonicWALL Connect Tunnel Link Following Denial-of-Service Vulnerability
ZDI-25-252 ZDI-CAN-23275 Cato Networks   (0Day) Cato Networks Cato Client for macOS Helper Service Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
ZDI-25-251 ZDI-CAN-23942 Harman Becker CVE-2025-3885 (0Day) Harman Becker MGU21 Bluetooth Improper Input Validation Denial-of-Service Vulnerability
ZDI-25-250 ZDI-CAN-24332 Cloudera CVE-2025-3884 (0Day) Cloudera Hue Ace Editor Directory Traversal Information Disclosure Vulnerability
ZDI-25-249 ZDI-CAN-23115 eCharge Hardy Barth CVE-2025-3883 (0Day) eCharge Hardy Barth cPH2 index.php Command Injection Remote Code Execution Vulnerability
ZDI-25-248 ZDI-CAN-23114 eCharge Hardy Barth CVE-2025-3882 (0Day) eCharge Hardy Barth cPH2 nwcheckexec.php dest Command Injection Remote Code Execution Vulnerability
ZDI-25-247 ZDI-CAN-23113 eCharge Hardy Barth CVE-2025-3881 (0Day) eCharge Hardy Barth cPH2 check_req.php ntp Command Injection Remote Code Execution Vulnerability
ZDI-25-246 ZDI-CAN-25842 MedDream CVE-2025-3480 MedDream WEB DICOM Viewer Cleartext Transmission of Credentials Information Disclosure Vulnerability
ZDI-25-245 ZDI-CAN-25827 MedDream CVE-2025-3481 MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-244 ZDI-CAN-25826 MedDream CVE-2025-3482 MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-243 ZDI-CAN-25825 MedDream CVE-2025-3483 MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-242 ZDI-CAN-25853 MedDream CVE-2025-3484 MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-241 ZDI-CAN-25681 Trend Micro CVE-2025-30642 Trend Micro Deep Security Agent Link Following Denial-of-Service Vulnerability
ZDI-25-240 ZDI-CAN-24931 Trend Micro CVE-2025-30641 Trend Micro Deep Security Anti-Malware Solution Platform Link Following Local Privilege Escalation Vulnerability
ZDI-25-239 ZDI-CAN-24930 Trend Micro CVE-2025-30640 Trend Micro Deep Security Link Following Local Privilege Escalation Vulnerability
ZDI-25-238 ZDI-CAN-25524 Trend Micro CVE-2025-30680 Trend Micro Apex Central Query Server-Side Request Forgery Information Disclosure Vulnerability
ZDI-25-237 ZDI-CAN-24934 Trend Micro CVE-2025-30679 Trend Micro Apex Central modOSCE Server-Side Request Forgery Information Disclosure Vulnerability
ZDI-25-236 ZDI-CAN-24939 Trend Micro CVE-2025-30678 Trend Micro Apex Central modTMSM Server-Side Request Forgery Information Disclosure Vulnerability
ZDI-25-235 ZDI-CAN-25953 Ivanti CVE-2025-22461 Ivanti Endpoint Manager OpenRecordSet SQL Injection Remote Code Execution Vulnerability
ZDI-25-234 ZDI-CAN-25985 Microsoft CVE-2025-29812 Microsoft Windows dxkrnl Untrusted Pointer Dereference Local Privilege Escalation Vulnerability
ZDI-25-233 ZDI-CAN-24586 Luxion CVE-2025-1045 Luxion KeyShot Viewer KSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-232 ZDI-CAN-23694 Luxion CVE-2025-1047 Luxion KeyShot PVS File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability
ZDI-25-231 ZDI-CAN-23646 Luxion CVE-2025-1046 Luxion KeyShot SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-230 ZDI-CAN-25651 Samsung CVE-2024-49413 (Pwn2Own) Samsung Galaxy S24 Smart Switch Agent Improper Verification of Cryptographic Signature Remote Code Execution Vulnerability
ZDI-25-229 ZDI-CAN-25650 Samsung CVE-2024-49421 (Pwn2Own) Samsung Galaxy S24 Quick Share Directory Traversal Arbitrary File Write Vulnerability
ZDI-25-228 ZDI-CAN-25649 Samsung   (Pwn2Own) Samsung Galaxy S24 Quick Share Insufficient UI Warning Arbitrary File Write Vulnerability
ZDI-25-227 ZDI-CAN-25648 Samsung CVE-2024-49420 (Pwn2Own) Samsung Galaxy S24 Gaming Hub Exposed Dangerous Method Local Privilege Escalation Vulnerability
ZDI-25-226 ZDI-CAN-25581 Samsung CVE-2024-49419, CVE-2024-49418 (Pwn2Own) Samsung Galaxy S24 Gaming Hub Improper Input Validation Privilege Escalation Vulnerability
ZDI-25-225 ZDI-CAN-25606 Sonos CVE-2025-1050 (Pwn2Own) Sonos Era 300 Out-of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-224 ZDI-CAN-25601 Sonos CVE-2025-1049 (Pwn2Own) Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-223 ZDI-CAN-25535 Sonos CVE-2025-1048 (Pwn2Own) Sonos Era 300 Speaker libsmb2 Use-After-Free Remote Code Execution Vulnerability
ZDI-25-222 ZDI-CAN-25674 Lexmark CVE-2024-11346 (Pwn2Own) Lexmark CX331adwe concatstrings Type Confusion Information Disclosure Vulnerability
ZDI-25-221 ZDI-CAN-25849 Lexmark   (Pwn2Own) Lexmark CX331adwe httpd extract-trace Link Following Local Privilege Escalation Vulnerability
ZDI-25-220 ZDI-CAN-25848 Lexmark   (Pwn2Own) Lexmark CX331adwe basic_auth.cgi PATH_TRANSLATED Directory Traversal Remote Code Execution Vulnerability
ZDI-25-219 ZDI-CAN-25676 Lexmark CVE-2024-11347 (Pwn2Own) Lexmark CX331adwe JBIG2 File Parsing new_image Integer Overflow Remote Code Execution Vulnerability
ZDI-25-218 ZDI-CAN-25621 Lexmark CVE-2024-11345 (Pwn2Own) Lexmark CX331adwe JPEG2000 Memory Corruption Remote Code Execution Vulnerability
ZDI-25-217 ZDI-CAN-25539 Lexmark CVE-2024-11344 (Pwn2Own) Lexmark CX331adwe loadCFFdata Type Confusion Remote Code Execution Vulnerability
ZDI-25-216 ZDI-CAN-25538 Synology CVE-2024-11131 (Pwn2Own) Synology TC500 ONVIF Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-215 ZDI-CAN-25487 Synology CVE-2024-10444 (Pwn2Own) Synology DiskStation DS1823xs+ LDAP Client Improper Certificate Validation Authentication Bypass Vulnerability
ZDI-25-214 ZDI-CAN-25403 Synology CVE-2024-10441 (Pwn2Own) Synology DiskStation DS1823xs+ Vue.JS Improper Neutralization of Argument Delimiters Remote Code Execution Vulnerability
ZDI-25-213 ZDI-CAN-25659 Synology CVE-2024-50631 (Pwn2Own) Synology BeeStation BST150-4T SQL Injection Remote Code Execution Vulnerability
ZDI-25-212 ZDI-CAN-25658 Synology CVE-2024-50630 (Pwn2Own) Synology BeeStation BST150-4T Improper Authentication Vulnerability
ZDI-25-211 ZDI-CAN-25613 Synology CVE-2024-50629 (Pwn2Own) Synology BeeStation BST150-4T CRLF Injection Information Disclosure Vulnerability
ZDI-25-210 ZDI-CAN-25662 Synology CVE-2024-10445 (Pwn2Own) Synology BeeStation BST150-4T Improper Input Validation Remote Code Execution Vulnerability
ZDI-25-209 ZDI-CAN-25617 Synology CVE-2024-10445 (Pwn2Own) Synology BeeStation BST150-4T Cleartext Transmission of Sensitive Information Vulnerability
ZDI-25-208 ZDI-CAN-25607 Synology CVE-2024-10442 (Pwn2Own) Synology DiskStation DS1823xs+ Replication Service Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-207 ZDI-CAN-25623 Synology CVE-2024-10443 (Pwn2Own) Synology BeeStation BST150-4T Command Injection Remote Code Execution Vulnerability
ZDI-25-206 ZDI-CAN-25427 Amazon   Amazon AWS CloudFormation Templates Uncontrolled Search Path Element Remote Code Execution Vulnerability
ZDI-25-205 ZDI-CAN-25426 Amazon   Amazon AWS CloudFormation Templates Uncontrolled Search Path Element Remote Code Execution Vulnerability
ZDI-25-204 ZDI-CAN-25100 GIMP CVE-2025-2761 GIMP FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-203 ZDI-CAN-25082 GIMP CVE-2025-2760 GIMP XWD File Parsing Integer Overflow Remote Code Execution Vulnerability
ZDI-25-202 ZDI-CAN-25559 Fortinet CVE-2024-55597 Fortinet FortiWeb cgi_xmlprotection_xmlschemafile_post Directory Traversal Arbitrary File Write Vulnerability
ZDI-25-201 ZDI-CAN-25572 Trend Micro CVE-2025-27529 Trend Micro Cleaner One Pro Link Following Denial-of-Service Vulnerability
ZDI-25-200 ZDI-CAN-26250 Exim CVE-2025-30232 Exim Use-After-Free Local Privilege Escalation Vulnerability
ZDI-25-199 ZDI-CAN-25970 Autodesk CVE-2025-1660 Autodesk Navisworks Freedom DWFX File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-198 ZDI-CAN-25968 Autodesk CVE-2025-1659 Autodesk Navisworks Freedom DWFX File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-197 ZDI-CAN-25971 Autodesk CVE-2025-1658 Autodesk Navisworks Freedom DWFX File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-196 ZDI-CAN-25736 Apple CVE-2025-24185 Apple macOS ICC Profile Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-195 ZDI-CAN-25812 Apple CVE-2025-24210 Apple macOS CoreGraphics Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-194 ZDI-CAN-26063 Apple CVE-2025-24256 Apple macOS AppleIntelKBLGraphics Time-Of-Check Time-Of-Use Information Disclosure Vulnerability
ZDI-25-193 ZDI-CAN-26154 Apple CVE-2025-24182 Apple macOS CoreText Font Glyphs Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-192 ZDI-CAN-26494 Apple CVE-2025-24190 Apple macOS MP4 File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-191 ZDI-CAN-26497 Apple CVE-2025-24211 Apple macOS MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-190 ZDI-CAN-26495 Apple CVE-2025-24230 Apple macOS MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-189 ZDI-CAN-26248 Apple CVE-2025-24243 Apple macOS AudioToolbox AMR File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-188 ZDI-CAN-26247 Apple CVE-2025-24244 Apple macOS AudioToolboxCore WAV File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-187 ZDI-CAN-25903 BEC Technologies CVE-2025-2773 (0Day) BEC Technologies Multiple Routers sys ping Command Injection Remote Code Execution Vulnerability
ZDI-25-186 ZDI-CAN-25986 BEC Technologies CVE-2025-2770 (0Day) BEC Technologies Multiple Routers Cleartext Password Storage Information Disclosure Vulnerability
ZDI-25-185 ZDI-CAN-25895 BEC Technologies CVE-2025-2772 (0Day) BEC Technologies Multiple Routers Insufficiently Protected Credentials Information Disclosure Vulnerability
ZDI-25-184 ZDI-CAN-25894 BEC Technologies CVE-2025-2771 (0Day) BEC Technologies Multiple Routers Authentication Bypass Vulnerability
ZDI-25-183 ZDI-CAN-25295 Bdrive CVE-2025-2769 (0Day) Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-25-182 ZDI-CAN-25041 Bdrive CVE-2025-2768 (0Day) Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-25-181 ZDI-CAN-24407 Arista CVE-2025-2767 (0Day) Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability
ZDI-25-180 ZDI-CAN-24996 70mai CVE-2025-2766 (0Day) 70mai A510 Use of Default Password Authentication Bypass Vulnerability
ZDI-25-179 ZDI-CAN-24356 CarlinKit CVE-2025-2763 (0Day) CarlinKit CPC200-CCPA Improper Verification of Cryptographic Signature Code Execution Vulnerability
ZDI-25-178 ZDI-CAN-24355 CarlinKit CVE-2025-2764 (0Day) CarlinKit CPC200-CCPA update.cgi Improper Verification of Cryptographic Signature Code Execution Vulnerability
ZDI-25-177 ZDI-CAN-24349 CarlinKit CVE-2025-2765 (0Day) CarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass Vulnerability
ZDI-25-176 ZDI-CAN-25948 CarlinKit CVE-2025-2762 (0Day) CarlinKit CPC200-CCPA Missing Root of Trust Local Privilege Escalation Vulnerability
ZDI-25-175 ZDI-CAN-23709 Luxion CVE-2025-2532 (0Day) Luxion KeyShot USDC File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-174 ZDI-CAN-23704 Luxion CVE-2025-2531 (0Day) Luxion KeyShot DAE File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-173 ZDI-CAN-23698 Luxion CVE-2025-2530 (0Day) Luxion KeyShot DAE File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability
ZDI-25-172 ZDI-CAN-25319 Apple CVE-2025-24124 Apple macOS MOV File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-171 ZDI-CAN-25242 Apple CVE-2024-54500 Apple macOS ImageIO Pixel Conversion Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-170 ZDI-CAN-25546 Apple CVE-2024-54501 Apple macOS WindowServer Denial-of-Service Vulnerability
ZDI-25-169 ZDI-CAN-25201 Apple CVE-2024-54497 Apple macOS WindowServer Unchecked Input for Loop Condition Denial-of-Service Vulnerability
ZDI-25-168 ZDI-CAN-25370 Apple CVE-2025-24123 Apple macOS MOV File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-167 ZDI-CAN-25735 Apple CVE-2025-24139 Apple macOS ICC Profile Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-166 ZDI-CAN-25338 Apple CVE-2024-54486 Apple macOS libFontParser Glyph Mapping Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-165 ZDI-CAN-25661 Apple CVE-2024-54499 Apple macOS ImageIO JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-164 ZDI-CAN-25808 Apple CVE-2025-24149 Apple SceneKit Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-163 ZDI-CAN-26554 Autodesk CVE-2025-1652 Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-162 ZDI-CAN-25695 Autodesk CVE-2025-1427 Autodesk AutoCAD CATProduct File Parsing Uninitialized Variable Remote Code Execution Vulnerability
ZDI-25-161 ZDI-CAN-25767 Autodesk CVE-2025-1428 Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-160 ZDI-CAN-25784 Autodesk CVE-2025-1429 Autodesk AutoCAD MODEL File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-159 ZDI-CAN-25811 Autodesk CVE-2025-1649 Autodesk AutoCAD CATPRODUCT File Parsing Uninitialized Variable Remote Code Execution Vulnerability
ZDI-25-158 ZDI-CAN-25951 Autodesk CVE-2025-1650 Autodesk AutoCAD CATProduct File Parsing Uninitialized Variable Remote Code Execution Vulnerability
ZDI-25-157 ZDI-CAN-25952 Autodesk CVE-2025-1651 Autodesk AutoCAD MODEL File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-156 ZDI-CAN-25989 Autodesk CVE-2025-1430 Autodesk AutoCAD SLDPRT File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-155 ZDI-CAN-26521 Autodesk CVE-2025-1433 Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-154 ZDI-CAN-26135 Autodesk CVE-2025-1432 Autodesk AutoCAD 3DM File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-153 ZDI-CAN-25997 Autodesk CVE-2025-1431 Autodesk AutoCAD SLDPRT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-152 ZDI-CAN-25481 Rockwell Automation CVE-2024-12130 Rockwell Automation Arena Simulation DOE File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-151 ZDI-CAN-25708 Progress Software CVE-2025-1758 Progress Software Kemp LoadMaster mangle Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-150 ZDI-CAN-26371 Microsoft CVE-2025-26633 Microsoft Windows MSC File Insufficient UI Warning Remote Code Execution Vulnerability
ZDI-25-149 ZDI-CAN-26251 Adobe CVE-2025-271561 Adobe Acrobat Reader DC AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-148 ZDI-CAN-25373 Microsoft CVE-2025-9491 (0Day) Microsoft Windows LNK File UI Misrepresentation Remote Code Execution Vulnerability
ZDI-25-147 ZDI-CAN-22833 NI CVE-2025-2450 (0Day) NI Vision Builder AI VBAI File Processing Missing Warning Remote Code Execution Vulnerability
ZDI-25-146 ZDI-CAN-21805 NI CVE-2025-2449 (0Day) NI FlexLogger usiReg URI File Parsing Directory Traversal Remote Code Execution Vulnerability
ZDI-25-145 ZDI-CAN-25794 NVIDIA CVE-2025-23242 NVIDIA Riva Triton Inference Server Missing Authentication Vulnerability
ZDI-25-144 ZDI-CAN-25682 NVIDIA CVE-2025-23243 NVIDIA Riva gRPC API Missing Authentication for Critical Function Authentication Bypass Vulnerability
ZDI-25-143 ZDI-CAN-25544 X.Org CVE-2025-26594 X.Org Server ChangeWindowAttributes Use-After-Free Privilege Escalation Vulnerability
ZDI-25-142 ZDI-CAN-25545 X.Org CVE-2025-26595 X.Org Server XkbVModMaskText Stack-based Buffer Overflow Privilege Escalation Vulnerability
ZDI-25-141 ZDI-CAN-25543 X.Org CVE-2025-26596 X.Org Server XkbSizeKeySyms Heap-based Buffer Overflow Privilege Escalation Vulnerability
ZDI-25-140 ZDI-CAN-25683 X.Org CVE-2025-26597 X.Org Server XkbChangeTypesOfKey Heap-based Buffer Overflow Privilege Escalation Vulnerability
ZDI-25-139 ZDI-CAN-25740 X.Org CVE-2025-26598 X.Org Server CreatePointerBarrierClient Out-Of-Bounds Write Local Privilege Escalation Vulnerability
ZDI-25-138 ZDI-CAN-25851 X.Org CVE-2025-26599 X.Org Server compRedirectWindow Type Confusion Local Privilege Escalation Vulnerability
ZDI-25-137 ZDI-CAN-25871 X.Org CVE-2025-26600 X.Org Server PlayReleasedEvents Use-After-Free Local Privilege Escalation Vulnerability
ZDI-25-136 ZDI-CAN-25870 X.Org CVE-2025-26601 X.Org Server SyncInitTrigger Use-After-Free Local Privilege Escalation Vulnerability
ZDI-25-135 ZDI-CAN-26232 Adobe CVE-2025-27162 Adobe Acrobat Reader DC AcroForm Use of Uninitialized Variable Remote Code Execution Vulnerability
ZDI-25-134 ZDI-CAN-25734 Adobe CVE-2025-24431 Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-133 ZDI-CAN-26231 Adobe CVE-2025-27174 Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
ZDI-25-132 ZDI-CAN-26147 Adobe CVE-2025-27159 Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
ZDI-25-131 ZDI-CAN-26169 Adobe CVE-2025-27160 Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
ZDI-25-130 ZDI-CAN-25443 Siemens CVE-2025-25175 Siemens Simcenter Femap NEU File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-129 ZDI-CAN-25473 PDF-XChange CVE-2025-2231 PDF-XChange Editor RTF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-128 ZDI-CAN-21907 NI CVE-2024-12742 NI G Web Development GWEBPROJECT File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-127 ZDI-CAN-25615 Samsung CVE-2025-2233 (0Day) (Pwn2Own) Samsung SmartThings Improper Verification of Cryptographic Signature Authentication Bypass Vulnerability
ZDI-25-126 ZDI-CAN-25276 Ashlar-Vellum CVE-2025-2022 (0Day) Ashlar-Vellum Cobalt VS File Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-25-125 ZDI-CAN-25264 Ashlar-Vellum CVE-2025-2021 (0Day) Ashlar-Vellum Cobalt XE File Parsing Integer Overflow Remote Code Execution Vulnerability
ZDI-25-124 ZDI-CAN-25254 Ashlar-Vellum CVE-2025-2020 (0Day) Ashlar-Vellum Cobalt VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-123 ZDI-CAN-25252 Ashlar-Vellum CVE-2025-2019 (0Day) Ashlar-Vellum Cobalt VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-122 ZDI-CAN-25348 Ashlar-Vellum CVE-2025-2023 (0Day) Ashlar-Vellum Cobalt LI File Parsing Integer Overflow Remote Code Execution Vulnerability
ZDI-25-121 ZDI-CAN-25240 Ashlar-Vellum CVE-2025-2017 (0Day) Ashlar-Vellum Cobalt CO File Parsing Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-120 ZDI-CAN-25186 Ashlar-Vellum CVE-2025-2013 (0Day) Ashlar-Vellum Cobalt CO File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-25-119 ZDI-CAN-25185 Ashlar-Vellum CVE-2025-2012 (0Day) Ashlar-Vellum Cobalt VS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-118 ZDI-CAN-25245 Ashlar-Vellum CVE-2025-2018 (0Day) Ashlar-Vellum Cobalt VS File Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-25-117 ZDI-CAN-25238 Ashlar-Vellum CVE-2025-2016 (0Day) Ashlar-Vellum Cobalt VC6 File Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-25-116 ZDI-CAN-25236 Ashlar-Vellum CVE-2025-2015 (0Day) Ashlar-Vellum Cobalt VS File Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-25-115 ZDI-CAN-25235 Ashlar-Vellum CVE-2025-2014 (0Day) Ashlar-Vellum Cobalt VS File Parsing Use of Uninitialized Variable Remote Code Execution Vulnerability
ZDI-25-114 ZDI-CAN-25312 Ivanti CVE-2024-13171 Ivanti Endpoint Manager Patch Unrestricted File Upload Remote Code Execution Vulnerability
ZDI-25-113 ZDI-CAN-25882 Autodesk CVE-2024-12198 Autodesk Navisworks Freedom DWFX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-112 ZDI-CAN-25869 Autodesk CVE-2024-12193 Autodesk Navisworks Freedom DWFX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-111 ZDI-CAN-25210 Trimble CVE-2025-2024 Trimble SketchUp SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability
ZDI-25-110 ZDI-CAN-25013 SEW-EURODRIVE   SEW-EURODRIVE MOVITOOLS MotionStudio mticomp0 ICP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-109 ZDI-CAN-24001 Apache CVE-2024-56325 Apache Pinot Improper Neutralization of Special Elements Authentication Bypass Vulnerability
ZDI-25-108 ZDI-CAN-26611 HP CVE-2025-26507 (Pwn2Own) HP LaserJet Pro MFP 3301fdw suidexec Command Injection Local Privilege Escalation Vulnerability
ZDI-25-107 ZDI-CAN-25594 HP CVE-2025-26506 (Pwn2Own) HP LaserJet Pro MFP 3301fdw PostScript File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-106 ZDI-CAN-25533 HP CVE-2025-26508 (Pwn2Own) HP LaserJet Pro MFP 3301fdw PostScript File Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-25-105 ZDI-CAN-21908 NI CVE-2024-12741 NI DAQExpress LVPROJECT File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-104 ZDI-CAN-25334 SolarWinds CVE-2024-52606 SolarWinds Platform TestWebsiteUrl Server-Side Request Forgery Information Disclosure Vulnerability
ZDI-25-103 ZDI-CAN-25031 Delta Electronics   (0Day) Delta Electronics ISPSoft CBDGL File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-102 ZDI-CAN-25225 Delta Electronics   (0Day) Delta Electronics ISPSoft DVP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-101 ZDI-CAN-25284 Delta Electronics   (0Day) Delta Electronics ISPSoft DVP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-100 ZDI-CAN-25737 Linux   Linux Kernel ksmbd Session Setup Race Condition Remote Code Execution Vulnerability
ZDI-25-099 ZDI-CAN-25350 PostHog CVE-2025-1520 PostHog ClickHouse Table Functions SQL Injection Remote Code Execution Vulnerability
ZDI-25-098 ZDI-CAN-25300 Delta Electronics CVE-2025-22880 Delta Electronics CNCSoft-G2 DPAX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-097 ZDI-CAN-25358 PostHog CVE-2025-1522 PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability
ZDI-25-096 ZDI-CAN-25352 PostHog CVE-2025-1521 PostHog slack_incoming_webhook Server-Side Request Forgery Information Disclosure Vulnerability
ZDI-25-095 ZDI-CAN-25180 Fortinet CVE-2024-50569 Fortinet FortiWeb gui_upload_compress_act Command Injection Remote Code Execution Vulnerability
ZDI-25-094 ZDI-CAN-25182 Fortinet CVE-2024-50567 Fortinet FortiWeb cgi_grpc_idl_file_post Command Injection Remote Code Execution Vulnerability
ZDI-25-093 ZDI-CAN-26551 Apple CVE-2024-27834 (Pwn2Own) Apple Safari Pointer Authentication Code Bypass Vulnerability
ZDI-25-092 ZDI-CAN-23795 Apple CVE-2024-27833 (Pwn2Own) Apple Safari B3 JIT Compiler Integer Underflow Remote Code Execution Vulnerability
ZDI-25-091 ZDI-CAN-25761 Microsoft CVE-2025-21373 Microsoft Windows Installer Service Link Following Local Privilege Escalation Vulnerability
ZDI-25-090 ZDI-CAN-25393 Microsoft CVE-2025-21404 Microsoft Edge UI Misrepresentation Remote Code Execution Vulnerability
ZDI-25-089 ZDI-CAN-24785 mySCADA CVE-2025-20014 mySCADA myPRO Command Injection Remote Code Execution Vulnerability
ZDI-25-088 ZDI-CAN-24784 mySCADA CVE-2025-20061 mySCADA myPRO Command Injection Remote Code Execution Vulnerability
ZDI-25-087 ZDI-CAN-26525 NVIDIA CVE-2025-23359 NVIDIA Container Toolkit mount_files Time-Of-Check Time-Of-Use Race Condition Privilege Escalation Vulnerability
ZDI-25-086 ZDI-CAN-25368 PDF-XChange CVE-2025-0900 PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-085 ZDI-CAN-25336 Logsign CVE-2025-1044 Logsign Unified SecOps Platform Authentication Bypass Vulnerability
ZDI-25-084 ZDI-CAN-23382 Mintty CVE-2025-1052 Mintty Sixel Image Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-083 ZDI-CAN-24690 Microsoft   Microsoft Edge ms-its: Scheme Remote Code Execution Vulnerability
ZDI-25-082 ZDI-CAN-25014 Parallels CVE-2025-0413 Parallels Desktop Technical Data Reporter Link Following Local Privilege Escalation Vulnerability
ZDI-25-081 ZDI-CAN-25816 TeamViewer CVE-2025-0065 TeamViewer Improper Neutralization of Argument Delimiters Local Privilege Escalation Vulnerability
ZDI-25-080 ZDI-CAN-22834 NI CVE-2024-12740 NI Vision Builder AI JPG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-079 ZDI-CAN-22611 NI CVE-2024-12740 NI Vision Development Module Vision Assistant JPG File Parsing Out-of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-078 ZDI-CAN-22884 NI CVE-2024-12740 NI Vision Builder AI JPG File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-077 ZDI-CAN-22663 NI CVE-2024-12740 NI Vision Development Module Vision Assistant JPG File Parsing Out-of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-076 ZDI-CAN-25094 NoMachine CVE-2024-9632 NoMachine Incorrect Permission Assignment Local Privilege Escalation Vulnerability
ZDI-25-075 ZDI-CAN-25622 Canon CVE-2024-12649 (Pwn2Own) Canon imageCLASS MF656Cdw TTF Parsing Write-What-Where Condition Remote Code Execution Vulnerability
ZDI-25-074 ZDI-CAN-25592 Canon CVE-2024-12648 (Pwn2Own) Canon imageCLASS MF656Cdw TIF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-073 ZDI-CAN-25490 Canon CVE-2024-12647 (Pwn2Own) Canon imageCLASS MF656Cdw listObjects2 Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-072 ZDI-CAN-25405 PDF-XChange CVE-2025-0902 PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-071 ZDI-CAN-25422 PDF-XChange CVE-2025-0904 PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-070 ZDI-CAN-25421 PDF-XChange CVE-2025-0903 PDF-XChange Editor RTF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-069 ZDI-CAN-25435 PDF-XChange CVE-2025-0907 PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-068 ZDI-CAN-25434 PDF-XChange CVE-2025-0906 PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-067 ZDI-CAN-25433 PDF-XChange CVE-2025-0905 PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-066 ZDI-CAN-25957 PDF-XChange CVE-2025-0911 PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-065 ZDI-CAN-25748 PDF-XChange CVE-2025-0910 PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-064 ZDI-CAN-25678 PDF-XChange CVE-2025-0909 PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-063 ZDI-CAN-25557 PDF-XChange CVE-2025-0908 PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-062 ZDI-CAN-25372 PDF-XChange CVE-2025-0901 PDF-XChange Editor Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-061 ZDI-CAN-25349 PDF-XChange CVE-2025-0899 PDF-XChange Editor AcroForm Use-After-Free Remote Code Execution Vulnerability
ZDI-25-060 ZDI-CAN-25396 Google CVE-2024-9954 Google Chrome AI Manager Use-After-Free Remote Code Execution Vulnerability
ZDI-25-059 ZDI-CAN-25000 Siemens CVE-2024-53041 Siemens Tecnomatix Plant Simulation WRL File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-25-058 ZDI-CAN-25206 Siemens CVE-2024-53242 Siemens Tecnomatix Plant Simulation WRL File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-25-057 ZDI-CAN-25205 Siemens CVE-2024-45471 Siemens Tecnomatix Plant Simulation WRL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-056 ZDI-CAN-25202 Siemens CVE-2024-45469 Siemens Tecnomatix Plant Simulation WRL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-055 ZDI-CAN-25318 Sante CVE-2025-0574 Sante PACS Server URL path Memory Corruption Denial-of-Service Vulnerability
ZDI-25-054 ZDI-CAN-25308 Sante CVE-2025-0572 Sante PACS Server Web Portal DCM File Parsing Directory Traversal Arbitrary File Write Vulnerability
ZDI-25-053 ZDI-CAN-25309 Sante CVE-2025-0573 Sante PACS Server DCM File Parsing Directory Traversal Arbitrary File Write Vulnerability
ZDI-25-052 ZDI-CAN-25303 Sante CVE-2025-0569 Sante PACS Server DCM File Parsing Memory Corruption Denial-of-Service Vulnerability
ZDI-25-051 ZDI-CAN-25305 Sante CVE-2025-0571 Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability
ZDI-25-050 ZDI-CAN-25304 Sante CVE-2025-0570 Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability
ZDI-25-049 ZDI-CAN-25302 Sante CVE-2025-0568 Sante PACS Server DCM File Parsing Memory Corruption Denial-of-Service Vulnerability
ZDI-25-048 ZDI-CAN-24012 Apple CVE-2024-27856 Apple WebKit WebCore ContainerNode Use-After-Free Remote Code Execution Vulnerability
ZDI-25-047 ZDI-CAN-24986 WinZip Computing CVE-2025-1240 WinZip 7Z File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-25-046 ZDI-CAN-25333 Adobe CVE-2025-21127 Adobe Photoshop node_modules Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-25-045 ZDI-CAN-25456 7-Zip CVE-2025-0411 7-Zip Mark-of-the-Web Bypass Vulnerability
ZDI-25-044 ZDI-CAN-25713 Ivanti CVE-2024-13179 Ivanti Avalanche SecureFilter Authentication Bypass Vulnerability
ZDI-25-043 ZDI-CAN-25712 Ivanti CVE-2024-13180 Ivanti Avalanche Faces ResourceManager Information Disclosure Vulnerability
ZDI-25-042 ZDI-CAN-25711 Ivanti CVE-2024-13181 Ivanti Avalanche SecureFilter allowPassThrough Authentication Bypass Vulnerability
ZDI-25-041 ZDI-CAN-25929 Ivanti CVE-2024-13162 Ivanti Endpoint Manager updateAssetInfo SQL Injection Remote Code Execution Vulnerability
ZDI-25-040 ZDI-CAN-25432 Ivanti CVE-2024-13163 Ivanti Endpoint Manager DecodeBase64Object Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-25-039 ZDI-CAN-25431 Ivanti CVE-2024-13164 Ivanti Endpoint Manager AlertService Uninitialized Memory Information Disclosure Vulnerability
ZDI-25-038 ZDI-CAN-25420 Ivanti CVE-2024-13165 Ivanti Endpoint Manager Improper Input Validation AlertService Denial-of-Service Vulnerability
ZDI-25-037 ZDI-CAN-25419 Ivanti CVE-2024-13166 Ivanti Endpoint Manager AlertService Improper Input Validation Denial-of-Service Vulnerability
ZDI-25-036 ZDI-CAN-25418 Ivanti CVE-2024-13167 Ivanti Endpoint Manager AlertService Improper Input Validation Denial-of-Service Vulnerability
ZDI-25-035 ZDI-CAN-25417 Ivanti CVE-2024-13168 Ivanti Endpoint Manager AlertService Improper Input Validation Denial-of-Service Vulnerability
ZDI-25-034 ZDI-CAN-25416 Ivanti CVE-2024-13169 Ivanti Endpoint Manager AlertService Type Confusion Information Disclosure Vulnerability
ZDI-25-033 ZDI-CAN-25415 Ivanti CVE-2024-13170 Ivanti Endpoint Manager AlertService Improper Input Validation Denial-of-Service Vulnerability
ZDI-25-032 ZDI-CAN-25249 Ivanti CVE-2024-13172 Ivanti Endpoint Manager HIIDriver Improper Verification of Cryptographic Signature Remote Code Execution Vulnerability
ZDI-25-031 ZDI-CAN-25209 Ivanti CVE-2024-13158 Ivanti Endpoint Manager MyResolveEventHandler Untrusted Search Path Remote Code Execution Vulnerability
ZDI-25-030 ZDI-CAN-25187 Microsoft CVE-2025-21363 Microsoft Office Word DOCX File Parsing Uninitialized Pointer Remote Code Execution Vulnerability
ZDI-25-029 ZDI-CAN-25332 Microsoft CVE-2025-21331 Microsoft Windows Installer Service Link Following Local Privilege Escalation Vulnerability
ZDI-25-028 ZDI-CAN-25188 Microsoft CVE-2025-21298 Microsoft Office Word RTF File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-25-027 ZDI-CAN-23793 Google CVE-2024-2886 (Pwn2Own) Google Chrome VideoFrame Use-After-Free Remote Code Execution Vulnerability
ZDI-25-026 ZDI-CAN-24744 Mintty CVE-2024-45301 Mintty Path Conversion Improper Input Validation Information Disclosure Vulnerability
ZDI-25-025 ZDI-CAN-22247 Avira CVE-2024-9525 Avira Prime System Speedup Service Link Following Local Privilege Escalation Vulnerability
ZDI-25-024 ZDI-CAN-22246 Avira CVE-2024-9524 Avira Prime System Speedup Service Link Following Local Privilege Escalation Vulnerability
ZDI-25-023 ZDI-CAN-22245 Avira CVE-2024-9523 Avira Prime System Speedup Service Link Following Local Privilege Escalation Vulnerability
ZDI-25-022 ZDI-CAN-25404 Apple   Apple macOS libFontValidation Font Glyph YCoordinate Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-021 ZDI-CAN-25364 Apple   Apple macOS libFontValidation Font Glyph Flags Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-020 ZDI-CAN-25366 Apple   Apple macOS libFontValidation post Table Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-019 ZDI-CAN-25339 Apple   Apple macOS libFontValidation loca Table Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-018 ZDI-CAN-25341 Apple   Apple macOS libFontValidation Font Header Name Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-017 ZDI-CAN-25340 Apple   Apple macOS libFontValidation kern Table Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-016 ZDI-CAN-25263 Apple CVE-2024-44240, CVE-2024-44302 Apple macOS CoreText Font Ligature Caret List Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-015 ZDI-CAN-25213 Apple CVE-2024-44240, CVE-2024-44302 Apple macOS CoreText Font Ligature Caret List Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-25-014 ZDI-CAN-24821 SonicWALL CVE-2024-53706 SonicWALL NSv setSshdConfig Exposed Dangerous Function Local Privilege Escalation Vulnerability
ZDI-25-013 ZDI-CAN-24820 SonicWALL CVE-2024-53705 SonicWALL NSv SSH Management Server-Side Request Forgery Vulnerability
ZDI-25-012 ZDI-CAN-24819 SonicWALL CVE-2024-53704 SonicWALL NSv Authentication Bypass Vulnerability
ZDI-25-011 ZDI-CAN-24818 SonicWALL CVE-2024-40762 SonicWALL NSv Cryptographically Weak PRNG Authentication Bypass Vulnerability
ZDI-25-010 ZDI-CAN-24487 Redis CVE-2024-46981 Redis Stack Lua Use-After-Free Remote Code Execution Vulnerability
ZDI-25-009 ZDI-CAN-24143 Redis CVE-2024-55656 Redis Stack RedisBloom Integer Overflow Remote Code Execution Vulnerability
ZDI-25-008 ZDI-CAN-24932 Trend Micro CVE-2024-55955 Trend Micro Deep Security Agent Incorrect Permissions Local Privilege Escalation Vulnerability
ZDI-25-007 ZDI-CAN-23401 Trend Micro CVE-2024-52047 Trend Micro Apex One widget getWidgetPoolManager Local File Inclusion Remote Code Execution Vulnerability
ZDI-25-006 ZDI-CAN-24674 Trend Micro CVE-2024-52049 Trend Micro Apex One LogServer Link Following Local Privilege Escalation Vulnerability
ZDI-25-005 ZDI-CAN-24675 Trend Micro CVE-2024-52048 Trend Micro Apex One LogServer Link Following Local Privilege Escalation Vulnerability
ZDI-25-004 ZDI-CAN-24566 Trend Micro CVE-2024-55917 Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability
ZDI-25-003 ZDI-CAN-24557 Trend Micro CVE-2024-55632 Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability
ZDI-25-002 ZDI-CAN-24609 Trend Micro CVE-2024-52050 Trend Micro Apex One LogServer Link Following Local Privilege Escalation Vulnerability
ZDI-25-001 ZDI-CAN-23995 Trend Micro CVE-2024-55631 Trend Micro Apex One Damage Cleanup Engine Link Following Local Privilege Escalation Vulnerability