ZDI-25-700: Autodesk AutoCAD X_T File Parsing Memory Corruption Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to... 30/07/2025 Zero-Day Initiative
ZDI-25-699: Autodesk AutoCAD 3DM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to... 30/07/2025 Zero-Day Initiative
ZDI-25-698: Avast Cleanup Premium TuneupSvc Link Following Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Avast Cleanup Premium. An attacker must first obtain... 30/07/2025 Zero-Day Initiative
ZDI-25-697: AVG TuneUp for PC TuneupSvc Link Following Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of AVG TuneUp for PC. An attacker must first... 30/07/2025 Zero-Day Initiative
ZDI-25-696: Avast Cleanup Premium TuneupSvc Link Following Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Avast Cleanup Premium. An attacker must first obtain... 30/07/2025 Zero-Day Initiative
ZDI-25-672: Samsung MagicINFO 9 Server filenameHasExecutableType Unrestricted File Upload Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not... 30/07/2025 Zero-Day Initiative
ZDI-25-671: Samsung MagicINFO 9 Server PremiumClientService Hard-coded Cryptographic Key Authentication Bypass Vulnerability This vulnerability allows remote attackers to bypass authentication on affected installations of Samsung MagicINFO 9 Server. Authentication is not required... 29/07/2025 Zero-Day Initiative
ZDI-25-670: Samsung MagicINFO 9 Server PremiumClientService Hard-coded Cryptographic Key Authentication Bypass Vulnerability This vulnerability allows remote attackers to bypass authentication on affected installations of Samsung MagicINFO 9 Server. Authentication is not required... 29/07/2025 Zero-Day Initiative
ZDI-25-669: Samsung MagicINFO 9 Server FtpMetaUploadServlet Directory Traversal Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Although authentication is... 29/07/2025 Zero-Day Initiative
ZDI-25-668: Samsung MagicINFO 9 Server ServletAuthenticationProcessingFilter Authentication Bypass Vulnerability This vulnerability allows remote attackers to partially bypass authentication on affected installations of Samsung MagicINFO 9 Server. Authentication is not... 29/07/2025 Zero-Day Initiative
