ZDI-25-1060: Senstar Symphony FetchStoredLicense Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Senstar Symphony. Authentication is not required to... 11/12/2025 Zero-Day Initiative
ZDI-25-1059: Vim for Windows Uncontrolled Search Path Element Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Vim for Windows. User interaction is required... 11/12/2025 Zero-Day Initiative
ZDI-25-1058: (0Day) Microsoft Windows TAR File UI Misrepresentation Vulnerability This vulnerability allows remote attackers to disguise hard links on affected installations of Microsoft Windows. User interaction is required to... 11/12/2025 Zero-Day Initiative
ZDI-25-1057: (0Day) Microsoft Visual Studio VsDevCmd Uncontrolled Search Path Element Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Visual Studio. User interaction is required... 11/12/2025 Zero-Day Initiative
ZDI-25-1056: (0Day) Microsoft ASP.NET SOAP Execution Restriction Bypass Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft ASP.NET. Authentication may be required to... 11/12/2025 Zero-Day Initiative
ZDI-25-1055: (0Day) Microsoft Windows MP4 File Parsing Null Pointer Dereference Denial-of-Service Vulnerability This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Windows. User interaction is required... 11/12/2025 Zero-Day Initiative
ZDI-25-1054: (0Day) Microsoft Windows dir Command Improper Character Neutralization Vulnerability This vulnerability allows remote attackers to display misleading terminal output on affected installations of Microsoft Windows. User interaction is required... 11/12/2025 Zero-Day Initiative
ZDI-25-1053: (0Day) Microsoft SharePoint Calendar Overlay Hyperlink Injection Vulnerability This vulnerability allows remote attackers to inject unexpected hyperlinks on affected installations of Microsoft SharePoint. User interaction is required to... 11/12/2025 Zero-Day Initiative
ZDI-25-1052: Ivanti Endpoint Manager CAB File Parsing Directory Traversal Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. Authentication is required to... 11/12/2025 Zero-Day Initiative
ZDI-25-1051: Ivanti Endpoint Manager HIIDriver Improper Verification of Cryptographic Signature Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. User interaction is required... 11/12/2025 Zero-Day Initiative
