Secure Cyber Vulnerability Management (SCVM)

Ivanti Endpoint Manager (EPM) Multiple Vulnerabilities (CVE-2025-10573, CVE-2025-13659, CVE-2025-13661, & CVE-2025-13662)

Ivanti released a security advisory to address three high-severity vulnerabilities and one critical-severity vulnerability impacting EPM core and remote consoles. Ivanti mentioned in their advisory that they are unaware...

12/12/2025

Qualys-Threat-Protect

ZDI-25-1072: IceWarp14 X-File-Operation Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IceWarp. Authentication is not required to exploit...

11/12/2025

Zero-Day Initiative

ZDI-25-1071: IceWarp gmaps Cross-Site Scripting Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of IceWarp. User interaction is required to exploit this...

11/12/2025

Zero-Day Initiative

ZDI-25-1070: TradingView Desktop Electron Uncontrolled Search Path Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of TradingView Desktop. An attacker must first obtain the...

11/12/2025

Zero-Day Initiative

ZDI-25-1069: (Pwn2Own) oFono CUSD Stack-based Buffer Overflow Code Execution Vulnerability

This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the...

11/12/2025

Zero-Day Initiative