ZDI-25-299: Apple macOS acv2 Codec Converter Out-Of-Bounds Read Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to... 21/05/2025 Zero-Day Initiative
ZDI-25-298: Apple macOS MP4 File Parsing Memory Corruption Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to... 21/05/2025 Zero-Day Initiative
ZDI-25-297: Trend Micro Apex Central widget getBlock Local File Inclusion Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex Central. Authentication is required... 21/05/2025 Zero-Day Initiative
ZDI-25-296: Trend Micro Apex Central modTMCM Unrestricted File Upload Vulnerability This vulnerability allows remote attackers to upload arbitrary files on affected installations of Trend Micro Apex Central. Authentication is required... 21/05/2025 Zero-Day Initiative
ZDI-25-295: Trend Micro Apex Central widget getObjWGFServiceApiByApiName Local File Inclusion Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex Central. Authentication is required... 21/05/2025 Zero-Day Initiative
ZDI-25-294: Microsoft PC Manager MSPCManagerService Link Following Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft PC Manager. An attacker must first obtain... 21/05/2025 Zero-Day Initiative
Mozilla Fixes Two Actively Exploited Zero-day Vulnerabilities in Firefox (CVE-2025-4919 & CVE-2025-4918) Mozilla released a security advisory to address two critical severity vulnerabilities in Firefox. Tracked as CVE-2025-4919 & CVE-2025-4918, the vulnerabilities... 20/05/2025 Qualys-Threat-Protect
Google Releases Fix for Zero-day Vulnerability in Chrome (CVE-2025-4664) Google released a security advisory to address a zero-day vulnerability tracked as CVE-2025-4664 CVE-2025-4664 is an insufficient policy enforcement in... 15/05/2025 Qualys-Threat-Protect
Fortinet Addresses Code Execution Vulnerability in FortiVoice, FortiMail, FortiNDR, FortiRecorder & FortiCamera (CVE-2025-32756) Fortinet released a security advisory to address a critical severity vulnerability impacting FortiVoice, FortiMail, FortiNDR, FortiRecorder, and FortiCamera. Tracked as... 15/05/2025 Qualys-Threat-Protect
Microsoft Patch Tuesday, May 2025 Security Update Review Microsoft’s May 2025 Patch Tuesday rolls out critical security updates, addressing multiple vulnerabilities across Windows, Office, and other key products.... 14/05/2025 Qualys-Threat-Protect
