Apple Addressed Zero-day Vulnerability Impacting iOS, iPadOS, and macOS (CVE-2025-43300) Apple has released updates to address a vulnerability that is being exploited in the wild. Tracked as CVE-2025-43300, the vulnerability impacts... 22/08/2025 Qualys-Threat-Protect
ZDI-25-857: Ivanti Avalanche FileStoreConfig Arbitrary File Upload Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is required to exploit... 21/08/2025 Zero-Day Initiative
ZDI-25-856: Ivanti Avalanche getCountMuStatDevicePropResultsFromMuListAgentIds SQL Injection Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is required to exploit... 21/08/2025 Zero-Day Initiative
ZDI-25-855: (0Day) Cockroach Labs cockroach-k8s-request-cert Empty Root Password Authentication Bypass Vulnerability This vulnerability could allow remote attackers to bypass authentication on systems that use the affected version of the Cockroach Labs... 21/08/2025 Zero-Day Initiative
ZDI-25-854: (0Day) Oxford Instruments Imaris Viewer IMS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oxford Instruments Imaris Viewer. User interaction is... 21/08/2025 Zero-Day Initiative
ZDI-25-853: (0Day) Oxford Instruments Imaris Viewer IMS File Parsing Uninitialized Pointer Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oxford Instruments Imaris Viewer. User interaction is... 21/08/2025 Zero-Day Initiative
ZDI-25-852: (0Day) CData API Server MySQL Misconfiguration Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of CData API Server. Authentication is required to... 21/08/2025 Zero-Day Initiative
ZDI-25-851: (Pwn2Own) NVIDIA Triton Inference Server IPC Push Out-Of-Bounds Write Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of NVIDIA Triton Inference Server. Authentication is not... 21/08/2025 Zero-Day Initiative
ZDI-25-850: (Pwn2Own) NVIDIA Triton Inference Server LoadFromSharedMemory Out-Of-Bounds Read Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of NVIDIA Triton Inference Server. Authentication is not... 21/08/2025 Zero-Day Initiative
ZDI-25-849: (Pwn2Own) NVIDIA Triton Inference Server SharedMemoryManager Error Message Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of NVIDIA Triton Inference Server. Authentication is not... 21/08/2025 Zero-Day Initiative
