ZDI-25-577: Microsoft Windows AppX Deployment Service Link Following Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the... 09/07/2025 Zero-Day Initiative
ZDI-25-576: Siemens SINEC NMS uploadFWBinary Directory Traversal Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens SINEC NMS. Although authentication is required... 09/07/2025 Zero-Day Initiative
ZDI-25-575: Siemens SINEC NMS unZipJarFilestoLocation Directory Traversal Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens SINEC NMS. Although authentication is required... 09/07/2025 Zero-Day Initiative
ZDI-25-574: Siemens SINEC NMS reqToChangePassword Authentication Bypass Vulnerability This vulnerability allows remote attackers to bypass authentication on affected installations of Siemens SINEC NMS. Authentication is not required to... 09/07/2025 Zero-Day Initiative
ZDI-25-573: IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required... 09/07/2025 Zero-Day Initiative
ZDI-25-572: IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required... 09/07/2025 Zero-Day Initiative
ZDI-25-482: (0Day) INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of INVT VT-Designer. User interaction is required to... 08/07/2025 Zero-Day Initiative
ZDI-25-481: (0Day) INVT VT-Designer PM3 File Parsing Type Confusion Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of INVT VT-Designer. User interaction is required to... 08/07/2025 Zero-Day Initiative
ZDI-25-480: (0Day) INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of INVT VT-Designer. User interaction is required to... 08/07/2025 Zero-Day Initiative
ZDI-25-479: (0Day) INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of INVT VT-Designer. User interaction is required to... 08/07/2025 Zero-Day Initiative
