WingFTP Critical Remote Code Execution Vulnerability (CVE-2025-47812) Julien Ahrens from RCE Security discovered a critical security vulnerability impacting WingFTP. Tracked as CVE-2025-47812, the vulnerability has a CVSS... 03/07/2025 Qualys-Threat-Protect
Google Addresses Zero-day Vulnerability impacting Chrome Browser (CVE-2025-6554) Chrome browser is vulnerable to a security vulnerability being exploited in the wild. Tracked as CVE-205-6554, this is a type... 02/07/2025 Qualys-Threat-Protect
ZDI-25-466: (0Day) Marvell QConvergeConsole readNICParametersFromFile Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole. Authentication is not required to... 28/06/2025 Zero-Day Initiative
ZDI-25-465: (0Day) Marvell QConvergeConsole readObjectFromConfigFile Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole. Authentication is not required to... 28/06/2025 Zero-Day Initiative
ZDI-25-464: (0Day) Marvell QConvergeConsole getFileFromURL Unrestricted File Upload Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole. Authentication is not required to... 28/06/2025 Zero-Day Initiative
ZDI-25-463: (0Day) Marvell QConvergeConsole getDriverTmpPath Directory Traversal Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. Authentication is not required to... 28/06/2025 Zero-Day Initiative
ZDI-25-462: (0Day) Marvell QConvergeConsole decryptFile Directory Traversal Arbitrary File Write Vulnerability This vulnerability allows remote attackers to create arbitrary files on affected installations of Marvell QConvergeConsole. Authentication is not required to... 28/06/2025 Zero-Day Initiative
ZDI-25-461: (0Day) Marvell QConvergeConsole deleteEventLogFile Directory Traversal Arbitrary File Deletion Vulnerability This vulnerability allows remote attackers to delete arbitrary files on affected installations of Marvell QConvergeConsole. Authentication is not required to... 28/06/2025 Zero-Day Initiative
ZDI-25-460: (0Day) Marvell QConvergeConsole saveNICParamsToFile Directory Traversal Arbitrary File Write Vulnerability This vulnerability allows remote attackers to create arbitrary files on affected installations of Marvell QConvergeConsole. Authentication is not required to... 28/06/2025 Zero-Day Initiative
ZDI-25-459: (0Day) Marvell QConvergeConsole restoreESwitchConfig Directory Traversal Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. Authentication is not required to... 28/06/2025 Zero-Day Initiative
