ZDI-25-1081: (0Day) Soda PDF Desktop PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Soda PDF Desktop. User interaction is required... 12/12/2025 Zero-Day Initiative
ZDI-25-1080: (0Day) Soda PDF Desktop PDF File Parsing Memory Corruption Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Soda PDF Desktop. User interaction is required... 12/12/2025 Zero-Day Initiative
ZDI-25-1079: (0Day) Soda PDF Desktop Uncontrolled Search Path Element Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Soda PDF Desktop. An attacker must first obtain... 12/12/2025 Zero-Day Initiative
Google Patches Zero-day Vulnerability Exploited in Attack Google has issued urgent updates to address another Chrome zero-day vulnerability that is actively being exploited in the wild, making... 12/12/2025 Qualys-Threat-Protect
Ivanti Endpoint Manager (EPM) Multiple Vulnerabilities (CVE-2025-10573, CVE-2025-13659, CVE-2025-13661, & CVE-2025-13662) Ivanti released a security advisory to address three high-severity vulnerabilities and one critical-severity vulnerability impacting EPM core and remote consoles. Ivanti mentioned in their advisory that they are unaware... 12/12/2025 Qualys-Threat-Protect
ZDI-25-1072: IceWarp14 X-File-Operation Command Injection Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of IceWarp. Authentication is not required to exploit... 11/12/2025 Zero-Day Initiative
ZDI-25-1071: IceWarp gmaps Cross-Site Scripting Authentication Bypass Vulnerability This vulnerability allows remote attackers to bypass authentication on affected installations of IceWarp. User interaction is required to exploit this... 11/12/2025 Zero-Day Initiative
ZDI-25-1070: TradingView Desktop Electron Uncontrolled Search Path Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of TradingView Desktop. An attacker must first obtain the... 11/12/2025 Zero-Day Initiative
ZDI-25-1069: (Pwn2Own) oFono CUSD Stack-based Buffer Overflow Code Execution Vulnerability This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the... 11/12/2025 Zero-Day Initiative
ZDI-25-1068: Fuji Electric Monitouch V-SFT V7 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is... 11/12/2025 Zero-Day Initiative
