ZDI-25-388: Siemens TeleControl Server Basic ImportDatabase SQL Injection Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens TeleControl Server Basic. Although authentication is... 17/06/2025 Zero-Day Initiative
ZDI-25-387: Siemens TeleControl Server Basic UpdateProjectConnections SQL Injection Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens TeleControl Server Basic. Although authentication is... 17/06/2025 Zero-Day Initiative
ZDI-25-386: Siemens TeleControl Server Basic UpdateConnectionVariables SQL Injection Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens TeleControl Server Basic. Although authentication is... 17/06/2025 Zero-Day Initiative
ZDI-25-385: Siemens TeleControl Server Basic RestoreFromBackup SQL Injection Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens TeleControl Server Basic. Although authentication is... 17/06/2025 Zero-Day Initiative
ZDI-25-384: Siemens TeleControl Server Basic Authenticate SQL Injection Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens TeleControl Server Basic. Authentication is not... 17/06/2025 Zero-Day Initiative
ZDI-25-383: Siemens TeleControl Server Basic VerifyUser SQL Injection Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens TeleControl Server Basic. Authentication is not... 17/06/2025 Zero-Day Initiative
ZDI-25-382: Siemens TeleControl Server Basic UpdateProject SQL Injection Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens TeleControl Server Basic. Although authentication is... 17/06/2025 Zero-Day Initiative
ZDI-25-380: Trend Micro Maximum Security Platinum Host Service Link Following Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Maximum Security. An attacker must first... 14/06/2025 Zero-Day Initiative
ZDI-25-379: (Pwn2Own) Ubiquiti Networks AI Bullet Insufficient Firmware Update Validation Remote Code Execution Vulnerability This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Ubiquiti Networks AI Bullet Cameras. Although authentication is required... 12/06/2025 Zero-Day Initiative
ZDI-25-378: (Pwn2Own) Ubiquiti Networks UniFi Console Missing Authentication for Critical Function Authentication Bypass Vulnerability This vulnerability allows network-adjacent attackers to bypass authentication on affected Ubiquiti Networks UniFi Console devices. Authentication is not required to... 12/06/2025 Zero-Day Initiative
