ZDI-25-959: Oracle VirtualBox VMSVGA Integer Underflow Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the... 28/10/2025 Zero-Day Initiative
ZDI-25-958: Oracle VirtualBox VMSVGA Out-Of-Bounds Read Information Disclosure Vulnerability This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain... 28/10/2025 Zero-Day Initiative
ZDI-25-956: (0Day) Ashlar-Vellum Cobalt CO File Parsing Use-After-Free Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to... 17/10/2025 Zero-Day Initiative
ZDI-25-955: (0Day) Ashlar-Vellum Cobalt CO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to... 17/10/2025 Zero-Day Initiative
ZDI-25-954: (0Day) Ashlar-Vellum Cobalt XE File Parsing Integer Overflow Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to... 17/10/2025 Zero-Day Initiative
ZDI-25-953: Microsoft Windows TAR File Parsing NTLM Relay Vulnerability This vulnerability allows remote attackers to relay NTLM credentials on affected installations of Microsoft Windows. User interaction is required to... 15/10/2025 Zero-Day Initiative
ZDI-25-952: Ivanti Endpoint Manager UniqueFilename Unrestricted File Upload Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. User interaction is required... 11/10/2025 Zero-Day Initiative
ZDI-25-951: Allegra DatabaseBackupBL Directory Traversal Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Authentication is required to exploit this... 09/10/2025 Zero-Day Initiative
ZDI-25-950: 7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this product is required... 08/10/2025 Zero-Day Initiative
ZDI-25-949: 7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this product is required... 08/10/2025 Zero-Day Initiative
