ZDI-25-904: Dassault Systèmes eDrawings Viewer PAR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is... 23/09/2025 Zero-Day Initiative
ZDI-25-903: Dassault Systèmes eDrawings Viewer PAR File Parsing Use-After-Free Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is... 23/09/2025 Zero-Day Initiative
ZDI-25-902: Dassault Systèmes eDrawings Viewer JT File Parsing Uninitialized Variable Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is... 23/09/2025 Zero-Day Initiative
ZDI-25-901: Apple Safari IPC Connection Invalidation Use-After-Free Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple Safari. User interaction is required to... 19/09/2025 Zero-Day Initiative
ZDI-25-900: Apple macOS OGG Audio File Header Parsing Memory Corruption Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to... 19/09/2025 Zero-Day Initiative
ZDI-25-899: Apple macOS Audio APAC Frame Decoding Out-Of-Bounds Write Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to... 19/09/2025 Zero-Day Initiative
ZDI-25-898: Delta Electronics COMMGR Stack-based Buffer Overflow Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics COMMGR. An attacker must first... 19/09/2025 Zero-Day Initiative
ZDI-25-897: Avira Prime Link Following Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. An attacker must first obtain the... 19/09/2025 Zero-Day Initiative
Another Zero-day Vulnerability impacting Google Chrome (CVE-2025-10585) On Wednesday, Google rolled out security updates for a Chrome vulnerability actively exploited in the wild. Tracked as CVE-2025-10585, the vulnerability is... 19/09/2025 Qualys-Threat-Protect
ZDI-25-896: Wondershare Repairit SAS Token Incorrect Permission Assignment Authentication Bypass Vulnerability This vulnerability allows remote attackers to bypass authentication on Wondershare Repairit. Authentication is not required to exploit this vulnerability. The... 18/09/2025 Zero-Day Initiative
