ZDI-25-806: (0Day) AOMEI Backupper Workstation Link Following Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of AOMEI Backupper Workstation. An attacker must first obtain... 07/08/2025 Zero-Day Initiative
ZDI-25-805: (0Day) Vacron Camera ping Command Injection Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Vacron Camera devices. Authentication is required to... 07/08/2025 Zero-Day Initiative
ZDI-25-804: (0Day) (Pwn2Own) Kenwood DMX958XR Protection Mechanism Failure Software Downgrade Vulnerability This vulnerability allows physically present attackers to downgrade software on affected installations of Kenwood DMX958XR devices. Authentication is not required... 07/08/2025 Zero-Day Initiative
ZDI-25-803: (0Day) (Pwn2Own) Kenwood DMX958XR libSystemLib Command injection Remote Code Execution Vulnerability This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not... 07/08/2025 Zero-Day Initiative
ZDI-25-802: (0Day) (Pwn2Own) Kenwood DMX958XR ReadMVGImage Command Injection Remote Code Execution Vulnerability This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required... 07/08/2025 Zero-Day Initiative
ZDI-25-801: (0Day) (Pwn2Own) Kenwood DMX958XR JKRadioService Stack-based Buffer Overflow Remote Code Execution Vulnerability This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Kenwood DMX958XR. Authentication is not required to... 07/08/2025 Zero-Day Initiative
ZDI-25-800: (0Day) (Pwn2Own) Kenwood DMX958XR JKWifiService Command Injection Remote Code Execution Vulnerability This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not... 07/08/2025 Zero-Day Initiative
ZDI-25-799: (0Day) (Pwn2Own) Kenwood DMX958XR JKWifiService Command Injection Remote Code Execution Vulnerability This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not... 07/08/2025 Zero-Day Initiative
ZDI-25-798: (0Day) (Pwn2Own) Kenwood DMX958XR libSystemLib Command Injection Remote Code Execution Vulnerability This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not... 07/08/2025 Zero-Day Initiative
ZDI-25-797: (0Day) (Pwn2Own) Kenwood DMX958XR JKWifiService Command Injection Remote Code Execution Vulnerability This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not... 07/08/2025 Zero-Day Initiative
