CISA Warns of Ivanti EPMM Unauthenticated Remote Code Execution Vulnerabilities (CVE-2025-4427 & CVE-2025-4428) Ivanti released security updates to address two high security vulnerabilities impacting its Endpoint Manager Mobile (EPMM). Tracked as CVE-2025-4427 and... 21/05/2025 Qualys-Threat-Protect
ZDI-25-308: Adobe Dreamweaver V8 Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Dreamweaver. User interaction is required to... 21/05/2025 Zero-Day Initiative
ZDI-25-307: Linux Kernel OpenvSwitch Out-Of-Bounds Read Information Disclosure Vulnerability This vulnerability allows local attackers to disclose sensitive information on affected installations of Linux Kernel. An attacker must first obtain... 21/05/2025 Zero-Day Initiative
ZDI-25-306: Docker Desktop Helper Service Link Following Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop. An attacker must first obtain the... 21/05/2025 Zero-Day Initiative
ZDI-25-305: Apple XNU kernel vm_map Race Condition Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the... 21/05/2025 Zero-Day Initiative
ZDI-25-304: Apple macOS JPEG Image Decoding Out-Of-Bounds Write Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to... 21/05/2025 Zero-Day Initiative
ZDI-25-303: Apple Safari SandboxBroker ZIP File Processing Out-Of-Bounds Read Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple Safari. User interaction is required to... 21/05/2025 Zero-Day Initiative
ZDI-25-302: Apple macOS CoreMedia Framework Memory Corruption Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to... 21/05/2025 Zero-Day Initiative
ZDI-25-301: Apple Safari Scrollbar Animation Use-After-Free Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to... 21/05/2025 Zero-Day Initiative
ZDI-25-300: Apple macOS PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the CoreGraphics framework... 21/05/2025 Zero-Day Initiative
