ZDI-25-622: (Pwn2Own) Phoenix Contact CHARX SEC-3150 Configuration Service Missing Authentication Vulnerability This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Phoenix Contact CHARX SEC-3150 devices. Authentication is not... 22/07/2025 Zero-Day Initiative
ZDI-25-621: (Pwn2Own) Phoenix Contact CHARX SEC-3150 DHCP Configuration Command Injection Remote Code Execution Vulnerability This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Phoenix Contact CHARX SEC-3150 devices. Authentication is... 22/07/2025 Zero-Day Initiative
ZDI-25-620: Dassault Systèmes eDrawings Viewer JT File Parsing Use-After-Free Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is... 18/07/2025 Zero-Day Initiative
ZDI-25-619: Dassault Systèmes eDrawings Viewer JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is... 18/07/2025 Zero-Day Initiative
ZDI-25-618: Dassault Systèmes eDrawings Viewer JT File Parsing Uninitialized Variable Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is... 18/07/2025 Zero-Day Initiative
ZDI-25-617: Dassault Systèmes eDrawings Viewer CATPRODUCT File Parsing Use-After-Free Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is... 18/07/2025 Zero-Day Initiative
ZDI-25-616: Dassault Systèmes eDrawings Viewer CATPRODUCT File Parsing Use-After-Free Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is... 18/07/2025 Zero-Day Initiative
ZDI-25-615: Dassault Systèmes eDrawings Viewer IPT File Parsing Use-After-Free Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is... 18/07/2025 Zero-Day Initiative
ZDI-25-614: Hewlett Packard Enterprise AutoPass License Server Authentication Bypass Vulnerability This vulnerability allows remote attackers to bypass authentication on affected installations of Hewlett Packard Enterprise AutoPass License Server. Authentication is... 18/07/2025 Zero-Day Initiative
ZDI-25-613: Hewlett Packard Enterprise AutoPass License Server Hard-coded Credentials Authentication Bypass Vulnerability This vulnerability allows remote attackers to disclose sensitive information or edit configuration on affected installations of Hewlett Packard Enterprise AutoPass... 18/07/2025 Zero-Day Initiative
