ZDI-25-1057: (0Day) Microsoft Visual Studio VsDevCmd Uncontrolled Search Path Element Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Visual Studio. User interaction is required... 11/12/2025 Zero-Day Initiative
ZDI-25-1056: (0Day) Microsoft ASP.NET SOAP Execution Restriction Bypass Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft ASP.NET. Authentication may be required to... 11/12/2025 Zero-Day Initiative
ZDI-25-1055: (0Day) Microsoft Windows MP4 File Parsing Null Pointer Dereference Denial-of-Service Vulnerability This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Windows. User interaction is required... 11/12/2025 Zero-Day Initiative
ZDI-25-1054: (0Day) Microsoft Windows dir Command Improper Character Neutralization Vulnerability This vulnerability allows remote attackers to display misleading terminal output on affected installations of Microsoft Windows. User interaction is required... 11/12/2025 Zero-Day Initiative
ZDI-25-1053: (0Day) Microsoft SharePoint Calendar Overlay Hyperlink Injection Vulnerability This vulnerability allows remote attackers to inject unexpected hyperlinks on affected installations of Microsoft SharePoint. User interaction is required to... 11/12/2025 Zero-Day Initiative
ZDI-25-1052: Ivanti Endpoint Manager CAB File Parsing Directory Traversal Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. Authentication is required to... 11/12/2025 Zero-Day Initiative
ZDI-25-1051: Ivanti Endpoint Manager HIIDriver Improper Verification of Cryptographic Signature Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. User interaction is required... 11/12/2025 Zero-Day Initiative
ZDI-25-1050: Microsoft Azure Virtual Desktop Link Following Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Azure Virtual Desktop. An attacker must first... 11/12/2025 Zero-Day Initiative
ZDI-25-1049: Microsoft Windows win32kfull Out-Of-Bounds Write Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the... 11/12/2025 Zero-Day Initiative
ZDI-25-1048: Microsoft Windows win32kfull Out-Of-Bounds Write Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the... 11/12/2025 Zero-Day Initiative
