ZDI-25-912: GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit... 25/09/2025 Zero-Day Initiative
ZDI-25-911: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit... 25/09/2025 Zero-Day Initiative
ZDI-25-910: GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit... 25/09/2025 Zero-Day Initiative
ZDI-25-909: GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit... 25/09/2025 Zero-Day Initiative
ZDI-25-908: Autodesk AutoCAD PRT File Parsing Memory Corruption Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to... 25/09/2025 Zero-Day Initiative
ZDI-25-907: Autodesk Revit RFA File Parsing Type Confusion Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Revit. User interaction is required to... 25/09/2025 Zero-Day Initiative
ZDI-25-906: SolarWinds Web Help Desk AjaxProxy Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Web Help Desk. Authentication is not... 25/09/2025 Zero-Day Initiative
ZDI-25-905: Gen Digital CCleaner Link Following Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Gen Digital CCleaner. An attacker must first obtain... 25/09/2025 Zero-Day Initiative
SolarWinds Web Help Desk Remote Code Execution Vulnerability (CVE-2025-26399) SolarWinds released a security advisory to address a critical severity vulnerability impacting its Web Help Desk software. Tracked as CVE-2025-26399,... 25/09/2025 Qualys-Threat-Protect
GoAnywhere Managed File Transfer (MFT) Deserialization Vulnerability (CVE-2025-10035) Fortra released security updates for a critical severity vulnerability impacting GoAnywhere MFT’s License Servlet. Tracked as CVE-2025-10035, the vulnerability has... 23/09/2025 Qualys-Threat-Protect
