ZDI-25-412: Fuji Electric Smart Editor X1 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Smart Editor. User interaction is... 21/06/2025 Zero-Day Initiative
ZDI-25-411: Delta Electronics CNCSoft-G2 DPAX File Parsing Memory Corruption Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. User interaction is required... 21/06/2025 Zero-Day Initiative
ZDI-25-410: Allegra calculateTokenExpDate Password Recovery Authentication Bypass Vulnerability This vulnerability allows remote attackers to bypass authentication on affected installations of Allegra. Authentication is not required to exploit this... 20/06/2025 Zero-Day Initiative
ZDI-25-409: RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to... 20/06/2025 Zero-Day Initiative
ZDI-25-408: PEAK-System Driver PCANFD_ADD_FILTERS Time-Of-Check Time-Of-Use Information Disclosure Vulnerability This vulnerability allows local attackers to disclose sensitive information on affected installations of PEAK-System Driver. An attacker must first obtain... 19/06/2025 Zero-Day Initiative
Veeam Backup and Replication Multiple Vulnerabilities (CVE-2025-23121, CVE-2025-24286, & CVE-2025-24287) Veeam released a security advisory to address three vulnerabilities impacting its domain-joined Backup and replication systems. Tracked as CVE-2025-23121, CVE-2025-24286,... 19/06/2025 Qualys-Threat-Protect
ZDI-25-407: SolarWinds Web Help Desk AjaxProxy Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Web Help Desk. Authentication is not... 18/06/2025 Zero-Day Initiative
ZDI-25-406: SolarWinds Serv-U FTP Service Directory Traversal Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Serv-U. Authentication is required to exploit... 18/06/2025 Zero-Day Initiative
ZDI-25-405: Fuji Electric Smart Editor X1 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Smart Editor. User interaction is... 18/06/2025 Zero-Day Initiative
ZDI-25-404: Fuji Electric Smart Editor X1 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Smart Editor. User interaction is... 18/06/2025 Zero-Day Initiative
