2025 | Secure Cyber Vulnerability Management

ZDI-25-1004: Apple macOS USD importMeshJointWeights Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the USD library...

14/11/2025

Zero-Day Initiative

ZDI-25-1003: Apple macOS USD importNodeAnimations Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the USD library...

14/11/2025

Zero-Day Initiative

ZDI-25-1002: Apple macOS USD importMeshes Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the USD library...

14/11/2025

Zero-Day Initiative

ZDI-25-1001: Microsoft Windows Common Log File System Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain...

14/11/2025

Zero-Day Initiative

ZDI-25-1000: Adobe USD-Fileformat-plugins usdGltf Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe USD-Fileformat-plugins. Interaction with the USD library...

14/11/2025

Zero-Day Initiative

ZDI-25-999: Adobe USD-Fileformat-plugins usdGltf Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe USD-Fileformat-plugins. Interaction with the USD library...

14/11/2025

Zero-Day Initiative

ZDI-25-998: Adobe USD-Fileformat-plugins usdGltf Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe USD-Fileformat-plugins. Interaction with the USD library...

14/11/2025

Zero-Day Initiative

ZDI-25-997: Adobe USD-Fileformat-plugins usdGltf Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe USD-Fileformat-plugins. Interaction with the USD library...

14/11/2025

Zero-Day Initiative

Microsoft Patch Tuesday, November 2025 Security Update Review

Microsoft released its November Patch Tuesday Security Updates. Here’s a quick breakdown of what you need to know. This month’s...

12/11/2025

Qualys-Threat-Protect

ZDI-25-991: Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is...

12/11/2025

Zero-Day Initiative