F5 BIG-IP Source Code Leaked in State-Linked Cyberattack (BRICKSTORM Malware) F5 Networks warned its users about a widespread cyberattack that compromised its systems and led to the theft of BIG-IP... 17/10/2025 Qualys-Threat-Protect
ZDI-25-956: (0Day) Ashlar-Vellum Cobalt CO File Parsing Use-After-Free Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to... 17/10/2025 Zero-Day Initiative
ZDI-25-955: (0Day) Ashlar-Vellum Cobalt CO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to... 17/10/2025 Zero-Day Initiative
ZDI-25-954: (0Day) Ashlar-Vellum Cobalt XE File Parsing Integer Overflow Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to... 17/10/2025 Zero-Day Initiative
Veeam Addressed Critical Vulnerabilities Impacting Backup and Replication (CVE-2025-48983 & CVE-2025-48984) Veeam released a security advisory to address three vulnerabilities impacting its Backup and Replication application. Successful exploitation of the vulnerabilities... 17/10/2025 Qualys-Threat-Protect
Microsoft Patch Tuesday, October 2025 Security Update Review As cybersecurity threats evolve, Microsoft’s October 2025 Patch Tuesday delivers one of the most comprehensive security updates of the year.... 15/10/2025 Qualys-Threat-Protect
ZDI-25-953: Microsoft Windows TAR File Parsing NTLM Relay Vulnerability This vulnerability allows remote attackers to relay NTLM credentials on affected installations of Microsoft Windows. User interaction is required to... 15/10/2025 Zero-Day Initiative
Oracle Addresses a New Vulnerability Impacting E-Business Suite (CVE-2025-61884) On Saturday, Oracle released a security advisory addressing a high-severity vulnerability impacting E-Business Suite. Tracked as CVE-2025-61884, the vulnerability may... 15/10/2025 Qualys-Threat-Protect
ZDI-25-952: Ivanti Endpoint Manager UniqueFilename Unrestricted File Upload Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. User interaction is required... 11/10/2025 Zero-Day Initiative
ZDI-25-951: Allegra DatabaseBackupBL Directory Traversal Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Authentication is required to exploit this... 09/10/2025 Zero-Day Initiative
