ZDI-25-1053: (0Day) Microsoft SharePoint Calendar Overlay Hyperlink Injection Vulnerability This vulnerability allows remote attackers to inject unexpected hyperlinks on affected installations of Microsoft SharePoint. User interaction is required to... 11/12/2025 Zero-Day Initiative
ZDI-25-1052: Ivanti Endpoint Manager CAB File Parsing Directory Traversal Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. Authentication is required to... 11/12/2025 Zero-Day Initiative
ZDI-25-1051: Ivanti Endpoint Manager HIIDriver Improper Verification of Cryptographic Signature Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. User interaction is required... 11/12/2025 Zero-Day Initiative
ZDI-25-1050: Microsoft Azure Virtual Desktop Link Following Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Azure Virtual Desktop. An attacker must first... 11/12/2025 Zero-Day Initiative
ZDI-25-1049: Microsoft Windows win32kfull Out-Of-Bounds Write Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the... 11/12/2025 Zero-Day Initiative
ZDI-25-1048: Microsoft Windows win32kfull Out-Of-Bounds Write Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the... 11/12/2025 Zero-Day Initiative
ZDI-25-1047: Microsoft Windows win32kbase Out-Of-Bounds Access Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the... 11/12/2025 Zero-Day Initiative
ZDI-25-1046: Microsoft Windows win32kfull Type Confusion Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the... 11/12/2025 Zero-Day Initiative
Fortinet Addresses Critical Vulnerabilities Impacting Multiple Fortinet Products (CVE-2025-59718 & CVE-2025-59719) Fortinet releases fixes to address two critical vulnerabilities affecting FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager. Tracked as CVE-2025-59718 and CVE-2025-59719, both... 11/12/2025 Qualys-Threat-Protect
Microsoft Patch Tuesday, December 2025 Security Update Review As the year winds down, Microsoft Patch Tuesday in December arrives with essential fixes and enhancements to close vulnerabilities and boost performance. Here’s a quick breakdown of what you need to know.... 10/12/2025 Qualys-Threat-Protect
