ZDI-25-582: Microsoft Windows Startup Folder SmartScreen Bypass Vulnerability This vulnerability allows remote attackers to bypass the SmartScreen security feature on affected installations of Microsoft Windows. User interaction is... 09/07/2025 Zero-Day Initiative
ZDI-25-581: (Pwn2Own) Microsoft SharePoint DataSetSurrogateSelector Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint Server. Although authentication is required... 09/07/2025 Zero-Day Initiative
ZDI-25-580: (Pwn2Own) Microsoft SharePoint ToolPane Authentication Bypass Vulnerability This vulnerability allows remote attackers to bypass authentication on affected installations of Microsoft SharePoint. Authentication is not required to exploit... 09/07/2025 Zero-Day Initiative
ZDI-25-579: Microsoft PC Manager Uncontrolled Search Path Element Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft PC Manager. An attacker must first obtain... 09/07/2025 Zero-Day Initiative
ZDI-25-578: Microsoft Windows win32kfull Integer Overflow Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the... 09/07/2025 Zero-Day Initiative
ZDI-25-577: Microsoft Windows AppX Deployment Service Link Following Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the... 09/07/2025 Zero-Day Initiative
ZDI-25-576: Siemens SINEC NMS uploadFWBinary Directory Traversal Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens SINEC NMS. Although authentication is required... 09/07/2025 Zero-Day Initiative
ZDI-25-575: Siemens SINEC NMS unZipJarFilestoLocation Directory Traversal Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens SINEC NMS. Although authentication is required... 09/07/2025 Zero-Day Initiative
ZDI-25-574: Siemens SINEC NMS reqToChangePassword Authentication Bypass Vulnerability This vulnerability allows remote attackers to bypass authentication on affected installations of Siemens SINEC NMS. Authentication is not required to... 09/07/2025 Zero-Day Initiative
ZDI-25-573: IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required... 09/07/2025 Zero-Day Initiative
