ZDI-25-614: Hewlett Packard Enterprise AutoPass License Server Authentication Bypass Vulnerability This vulnerability allows remote attackers to bypass authentication on affected installations of Hewlett Packard Enterprise AutoPass License Server. Authentication is... 18/07/2025 Zero-Day Initiative
ZDI-25-613: Hewlett Packard Enterprise AutoPass License Server Hard-coded Credentials Authentication Bypass Vulnerability This vulnerability allows remote attackers to disclose sensitive information or edit configuration on affected installations of Hewlett Packard Enterprise AutoPass... 18/07/2025 Zero-Day Initiative
ZDI-25-612: Hewlett Packard Enterprise AutoPass License Server Hard-coded Credentials Remote Code Execution Vulnerability This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise AutoPass License Server. Authentication... 18/07/2025 Zero-Day Initiative
ZDI-25-611: VMware ESXi VMCI Uninitialized Memory Information Disclosure Vulnerability This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware ESXi. An attacker must first obtain... 18/07/2025 Zero-Day Initiative
ZDI-25-610: Linux Kernel ksmbd destroy_previous_session Null Pointer Dereference Denial-of-Service Vulnerability This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of the Linux Kernel. Authentication is not... 18/07/2025 Zero-Day Initiative
ZDI-25-609: Cisco Identity Services Engine invokeStrongSwanShellScript Command Injection Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Identity Services Engine. Authentication is not... 18/07/2025 Zero-Day Initiative
ZDI-25-608: Cisco Identity Services Engine handleFilesUpload Unrestricted File Upload Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Identity Services Engine. Authentication is not... 18/07/2025 Zero-Day Initiative
ZDI-25-607: Cisco Identity Services Engine enableStrongSwanTunnel Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Identity Services Engine. Authentication is not... 18/07/2025 Zero-Day Initiative
ZDI-25-606: Cisco Identity Services Engine handleStrongSwanTunnelStatus Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Identity Services Engine. Authentication is required... 18/07/2025 Zero-Day Initiative
ZDI-25-603: Autodesk Revit RTE File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Revit. User interaction is required to... 17/07/2025 Zero-Day Initiative
