ZDI-25-418: Apple macOS CoreGraphics PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to... 25/06/2025 Zero-Day Initiative
ZDI-25-417: Clam AntiVirus UDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Clam AntiVirus. User interaction is required to... 24/06/2025 Zero-Day Initiative
ZDI-25-416: ServiceStack FindType Directory Traversal Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of ServiceStack. Interaction with this library is required... 24/06/2025 Zero-Day Initiative
ZDI-25-415: ServiceStack GetErrorResponse Improper Input Validation NTLM Relay Vulnerability This vulnerability allows remote attackers to relay NTLM credentials on affected installations of ServiceStack. Interaction with this library is required... 24/06/2025 Zero-Day Initiative
ZDI-25-414: Ruby WEBrick read_header HTTP Request Smuggling Vulnerability This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable... 24/06/2025 Zero-Day Initiative
ZDI-25-413: Fuji Electric Smart Editor TL5 File Parsing Stack-Based Buffer Overflow Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Smart Editor. User interaction is... 21/06/2025 Zero-Day Initiative
ZDI-25-412: Fuji Electric Smart Editor X1 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Smart Editor. User interaction is... 21/06/2025 Zero-Day Initiative
ZDI-25-411: Delta Electronics CNCSoft-G2 DPAX File Parsing Memory Corruption Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. User interaction is required... 21/06/2025 Zero-Day Initiative
ZDI-25-410: Allegra calculateTokenExpDate Password Recovery Authentication Bypass Vulnerability This vulnerability allows remote attackers to bypass authentication on affected installations of Allegra. Authentication is not required to exploit this... 20/06/2025 Zero-Day Initiative
ZDI-25-409: RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to... 20/06/2025 Zero-Day Initiative
