Deepanshu Jha | Secure Cyber Vulnerability Management

ZDI-25-456: (0Day) Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. Authentication is not required to...

28/06/2025

Zero-Day Initiative

ZDI-25-455: (0Day) Marvell QConvergeConsole getFileUploadSize Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. Authentication is not required to...

28/06/2025

Zero-Day Initiative

ZDI-25-454: (0Day) Marvell QConvergeConsole saveAsText Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole. Authentication is not required to...

28/06/2025

Zero-Day Initiative

ZDI-25-453: (0Day) Marvell QConvergeConsole compressFirmwareDumpFiles Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. Authentication is not required to...

28/06/2025

Zero-Day Initiative

ZDI-25-452: (0Day) Marvell QConvergeConsole compressDriverFiles Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. Authentication is not required to...

28/06/2025

Zero-Day Initiative

Cisco Identity Services Engine Unauthenticated Remote Code Execution Vulnerabilities (CVE-2025-20281 & CVE-2025-20282)

Cisco addresses two critical severity vulnerabilities impacting Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC). Tracked as...

27/06/2025

Qualys-Threat-Protect

Citrix NetScaler ADC and NetScaler Gateway Vulnerability Exploited in Denial-of-Service Attacks (CVE-2025-6543)

Citrix released a security update to address the vulnerability impacting NetScaler appliances. Tracked as CVE-2025-6543, successfully exploiting the memory overflow...

27/06/2025

Qualys-Threat-Protect

ZDI-25-447: PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to...

26/06/2025

Zero-Day Initiative

ZDI-25-446: PDF-XChange Editor App Object Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to...

26/06/2025

Zero-Day Initiative

ZDI-25-445: PDF-XChange Editor PRC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to...

26/06/2025

Zero-Day Initiative