ZDI-25-827: (0Day) Schneider Electric EcoStruxure Power Monitoring Expert GetTgmlContent Directory Traversal Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Schneider Electric EcoStruxure Power Monitoring Expert. Authentication... 13/08/2025 Zero-Day Initiative
ZDI-25-826: (0Day) Schneider Electric EcoStruxure Power Monitoring Expert ExportDataAsXML Server-Side Request Forgery Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Schneider Electric EcoStruxure Power Monitoring Expert. Authentication... 13/08/2025 Zero-Day Initiative
ZDI-25-825: Apple macOS AudioToolboxCore Audio Conversion Out-Of-Bounds Read Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the AudioToolboxCore framework... 12/08/2025 Zero-Day Initiative
ZDI-25-824: (0Day) Microsoft Windows Theme File Parsing Improper Input Validation NTLM Relay Vulnerability This vulnerability allows remote attackers to relay NTLM credentials on affected installations of Microsoft Windows. User interaction is required to... 07/08/2025 Zero-Day Initiative
ZDI-25-823: (0Day) Microsoft Windows Theme File Parsing Improper Input Validation NTLM Relay Vulnerability This vulnerability allows remote attackers to relay NTLM credentials on affected installations of Microsoft Windows. User interaction is required to... 07/08/2025 Zero-Day Initiative
ZDI-25-822: (0Day) Microsoft SharePoint GetTransformer Unsafe Reflection Denial-of-Service Vulnerability This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft SharePoint. Authentication is required to... 07/08/2025 Zero-Day Initiative
ZDI-25-821: (0Day) Microsoft Windows Internet Explorer Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to... 07/08/2025 Zero-Day Initiative
ZDI-25-820: (0Day) Microsoft SharePoint IsAuthorizedType Deserialization of Untrusted Data Information Disclosure and Denial-of-Service Vulnerability This vulnerability allows remote attackers to disclose sensitive information or create a denial-of-service condition on affected installations of Microsoft SharePoint.... 07/08/2025 Zero-Day Initiative
ZDI-25-819: (0Day) Microsoft Windows NetBIOS Hostname SmartScreen Bypass Remote Code Execution Vulnerability This vulnerability allows network-adjacent attackers to bypass the SmartScreen security feature on affected installations of Microsoft Windows. User interaction is... 07/08/2025 Zero-Day Initiative
ZDI-25-818: (0Day) Microsoft Windows OneDrive SmartScreen Bypass Vulnerability This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of Microsoft Windows. User interaction is... 07/08/2025 Zero-Day Initiative