ZDI-25-958: Oracle VirtualBox VMSVGA Out-Of-Bounds Read Information Disclosure Vulnerability This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain... 28/10/2025 Zero-Day Initiative
Adobe Magento Improper Input Validation Vulnerability Exploited in Attack (CVE-2025-54236) Security experts from e-commerce security firm Sansec have discovered that threat attackers are actively exploiting a vulnerability in Adobe Commerce and... 25/10/2025 Qualys-Threat-Protect
Oracle Critical Patch Update, October 2025 Security Update Review Oracle released its third quarterly edition of this year’s Critical Patch Update. The update received patches for 374 security vulnerabilities.... 23/10/2025 Qualys-Threat-Protect
F5 BIG-IP Source Code Leaked in State-Linked Cyberattack (BRICKSTORM Malware) F5 Networks warned its users about a widespread cyberattack that compromised its systems and led to the theft of BIG-IP... 17/10/2025 Qualys-Threat-Protect
ZDI-25-956: (0Day) Ashlar-Vellum Cobalt CO File Parsing Use-After-Free Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to... 17/10/2025 Zero-Day Initiative
ZDI-25-955: (0Day) Ashlar-Vellum Cobalt CO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to... 17/10/2025 Zero-Day Initiative
ZDI-25-954: (0Day) Ashlar-Vellum Cobalt XE File Parsing Integer Overflow Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to... 17/10/2025 Zero-Day Initiative
Veeam Addressed Critical Vulnerabilities Impacting Backup and Replication (CVE-2025-48983 & CVE-2025-48984) Veeam released a security advisory to address three vulnerabilities impacting its Backup and Replication application. Successful exploitation of the vulnerabilities... 17/10/2025 Qualys-Threat-Protect
Microsoft Patch Tuesday, October 2025 Security Update Review As cybersecurity threats evolve, Microsoft’s October 2025 Patch Tuesday delivers one of the most comprehensive security updates of the year.... 15/10/2025 Qualys-Threat-Protect
ZDI-25-953: Microsoft Windows TAR File Parsing NTLM Relay Vulnerability This vulnerability allows remote attackers to relay NTLM credentials on affected installations of Microsoft Windows. User interaction is required to... 15/10/2025 Zero-Day Initiative
