ZDI-25-385: Siemens TeleControl Server Basic RestoreFromBackup SQL Injection Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens TeleControl Server Basic. Although authentication is... 17/06/2025 Zero-Day Initiative
ZDI-25-384: Siemens TeleControl Server Basic Authenticate SQL Injection Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens TeleControl Server Basic. Authentication is not... 17/06/2025 Zero-Day Initiative
ZDI-25-383: Siemens TeleControl Server Basic VerifyUser SQL Injection Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens TeleControl Server Basic. Authentication is not... 17/06/2025 Zero-Day Initiative
ZDI-25-382: Siemens TeleControl Server Basic UpdateProject SQL Injection Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens TeleControl Server Basic. Although authentication is... 17/06/2025 Zero-Day Initiative
ZDI-25-380: Trend Micro Maximum Security Platinum Host Service Link Following Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Maximum Security. An attacker must first... 14/06/2025 Zero-Day Initiative
ZDI-25-379: (Pwn2Own) Ubiquiti Networks AI Bullet Insufficient Firmware Update Validation Remote Code Execution Vulnerability This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Ubiquiti Networks AI Bullet Cameras. Although authentication is required... 12/06/2025 Zero-Day Initiative
ZDI-25-378: (Pwn2Own) Ubiquiti Networks UniFi Console Missing Authentication for Critical Function Authentication Bypass Vulnerability This vulnerability allows network-adjacent attackers to bypass authentication on affected Ubiquiti Networks UniFi Console devices. Authentication is not required to... 12/06/2025 Zero-Day Initiative
ZDI-25-377: (Pwn2Own) Ubiquiti Networks AI Bullet Improper Neutralization of Escape Sequences Authentication Bypass Vulnerability This vulnerability allows network-adjacent attackers to bypass authentication on affected Ubiquiti Networks AI Bullet cameras. Authentication is not required to... 12/06/2025 Zero-Day Initiative
ZDI-25-376: (Pwn2Own) Ubiquiti Networks AI Bullet Improper Certificate Validation Authentication Bypass Vulnerability This vulnerability allows network-adjacent attackers to bypass authentication on affected Ubiquiti Networks AI Bullet cameras. Authentication is not required to... 12/06/2025 Zero-Day Initiative
ZDI-25-375: Trend Micro Endpoint Encryption ProcessWhereClause SQL Injection Privilege Escalation Vulnerability This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro Endpoint Encryption. Although authentication is required... 12/06/2025 Zero-Day Initiative
