ZDI-25-906: SolarWinds Web Help Desk AjaxProxy Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Web Help Desk. Authentication is not... 25/09/2025 Zero-Day Initiative
ZDI-25-905: Gen Digital CCleaner Link Following Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Gen Digital CCleaner. An attacker must first obtain... 25/09/2025 Zero-Day Initiative
SolarWinds Web Help Desk Remote Code Execution Vulnerability (CVE-2025-26399) SolarWinds released a security advisory to address a critical severity vulnerability impacting its Web Help Desk software. Tracked as CVE-2025-26399,... 25/09/2025 Qualys-Threat-Protect
GoAnywhere Managed File Transfer (MFT) Deserialization Vulnerability (CVE-2025-10035) Fortra released security updates for a critical severity vulnerability impacting GoAnywhere MFT’s License Servlet. Tracked as CVE-2025-10035, the vulnerability has... 23/09/2025 Qualys-Threat-Protect
ZDI-25-904: Dassault Systèmes eDrawings Viewer PAR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is... 23/09/2025 Zero-Day Initiative
ZDI-25-903: Dassault Systèmes eDrawings Viewer PAR File Parsing Use-After-Free Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is... 23/09/2025 Zero-Day Initiative
ZDI-25-902: Dassault Systèmes eDrawings Viewer JT File Parsing Uninitialized Variable Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is... 23/09/2025 Zero-Day Initiative
ZDI-25-901: Apple Safari IPC Connection Invalidation Use-After-Free Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple Safari. User interaction is required to... 19/09/2025 Zero-Day Initiative
ZDI-25-900: Apple macOS OGG Audio File Header Parsing Memory Corruption Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to... 19/09/2025 Zero-Day Initiative
ZDI-25-899: Apple macOS Audio APAC Frame Decoding Out-Of-Bounds Write Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to... 19/09/2025 Zero-Day Initiative
