ZDI-25-1013: NVIDIA AIStore AuthN Hard-coded Credentials Authentication Bypass Vulnerability 15/11/2025
ZDI-25-1012: NVIDIA AIStore AuthN users Missing Authentication for Critical Function Information Disclosure Vulnerability 15/11/2025
ZDI-25-1011: Apple Safari JavaScriptCore Wasm Function Parsing Use-After-Free Remote Code Execution Vulnerability 14/11/2025
Fortinet FortiWeb Zero-day Vulnerability Exploited in the Wild (CVE-2025-64446) Threat actors are exploiting a zero-day vulnerability, CVE-2025-64446, that has been discovered in Fortinet’s FortiWeb web application firewall product. Successful... 15/11/2025 Qualys-Threat-Protect
ZDI-25-1013: NVIDIA AIStore AuthN Hard-coded Credentials Authentication Bypass Vulnerability This vulnerability allows remote attackers to bypass authentication on affected installations of NVIDIA AIStore. Authentication is not required to exploit... 15/11/2025 Zero-Day Initiative
ZDI-25-1012: NVIDIA AIStore AuthN users Missing Authentication for Critical Function Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of NVIDIA AIStore. Authentication is not required to... 15/11/2025 Zero-Day Initiative
ZDI-25-1011: Apple Safari JavaScriptCore Wasm Function Parsing Use-After-Free Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to... 14/11/2025 Zero-Day Initiative
ZDI-25-1010: Apple Safari JavaScriptCore DFG CSE Phase Graph Node Substitution Use-After-Free Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to... 14/11/2025 Zero-Day Initiative
ZDI-25-1009: Apple macOS USD readAccessorData Heap-based Buffer Overflow Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the USD library... 14/11/2025 Zero-Day Initiative
ZDI-25-1008: Apple macOS ICC Profile Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to... 14/11/2025 Zero-Day Initiative
ZDI-25-1007: Apple Safari JavaScriptCore operationMapIteratorNext Type Confusion Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple Safari. User interaction is required to... 14/11/2025 Zero-Day Initiative
ZDI-25-1006: Apple macOS CoreText Font Glyph Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to... 14/11/2025 Zero-Day Initiative
ZDI-25-1005: Apple macOS WindowServer Excessive Iteration Denial-of-Service Vulnerability This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Apple macOS. Authentication is not required... 14/11/2025 Zero-Day Initiative
