ZDI-25-729: (Pwn2Own) Canonical Ubuntu Kernel taprio Scheduler Race Condition Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Canonical Ubuntu. An attacker must first obtain the... 31/07/2025 Zero-Day Initiative
ZDI-25-728: Apple macOS MediaToolbox Framework Memory Corruption Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the MediaToolbox framework... 31/07/2025 Zero-Day Initiative
ZDI-25-727: Apple macOS libFontValidation kern Table Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the libFontValidation library... 31/07/2025 Zero-Day Initiative
ZDI-25-726: (0Day) Ashlar-Vellum Cobalt LI File Parsing Use-After-Free Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to... 31/07/2025 Zero-Day Initiative
ZDI-25-725: (0Day) Ashlar-Vellum Cobalt XE File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to... 31/07/2025 Zero-Day Initiative
ZDI-25-724: (0Day) Ashlar-Vellum Cobalt CO File Parsing Type Confusion Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to... 31/07/2025 Zero-Day Initiative
ZDI-25-723: (0Day) Ashlar-Vellum Cobalt XE File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to... 31/07/2025 Zero-Day Initiative
ZDI-25-722: (0Day) Ashlar-Vellum Cobalt XE File Parsing Type Confusion Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to... 31/07/2025 Zero-Day Initiative
ZDI-25-721: (0Day) Ashlar-Vellum Cobalt CO File Parsing Memory Corruption Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to... 31/07/2025 Zero-Day Initiative
ZDI-25-720: (0Day) Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to... 31/07/2025 Zero-Day Initiative
