ZDI-25-954: (0Day) Ashlar-Vellum Cobalt XE File Parsing Integer Overflow Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to... 17/10/2025 Zero-Day Initiative
Veeam Addressed Critical Vulnerabilities Impacting Backup and Replication (CVE-2025-48983 & CVE-2025-48984) Veeam released a security advisory to address three vulnerabilities impacting its Backup and Replication application. Successful exploitation of the vulnerabilities... 17/10/2025 Qualys-Threat-Protect
Microsoft Patch Tuesday, October 2025 Security Update Review As cybersecurity threats evolve, Microsoft’s October 2025 Patch Tuesday delivers one of the most comprehensive security updates of the year.... 15/10/2025 Qualys-Threat-Protect
ZDI-25-953: Microsoft Windows TAR File Parsing NTLM Relay Vulnerability This vulnerability allows remote attackers to relay NTLM credentials on affected installations of Microsoft Windows. User interaction is required to... 15/10/2025 Zero-Day Initiative
Oracle Addresses a New Vulnerability Impacting E-Business Suite (CVE-2025-61884) On Saturday, Oracle released a security advisory addressing a high-severity vulnerability impacting E-Business Suite. Tracked as CVE-2025-61884, the vulnerability may... 15/10/2025 Qualys-Threat-Protect
ZDI-25-952: Ivanti Endpoint Manager UniqueFilename Unrestricted File Upload Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. User interaction is required... 11/10/2025 Zero-Day Initiative
ZDI-25-951: Allegra DatabaseBackupBL Directory Traversal Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Authentication is required to exploit this... 09/10/2025 Zero-Day Initiative
Oracle E-Business Suite Remote Code Execution Vulnerability Exploited in the Wild (CVE-2025-61882) Oracle released a security advisory to address a critical zero-day vulnerability impacting the E-Business Suite. Tracked as CVE-2025-61882, the vulnerability... 08/10/2025 Qualys-Threat-Protect
ZDI-25-950: 7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this product is required... 08/10/2025 Zero-Day Initiative
ZDI-25-949: 7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this product is required... 08/10/2025 Zero-Day Initiative
