ZDI-25-471: Delta Electronics CNCSoft Screen Editor DPB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft. User interaction is required... 04/07/2025 Zero-Day Initiative
ZDI-25-470: Delta Electronics CNCSoft Screen Editor DPB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft. User interaction is required... 04/07/2025 Zero-Day Initiative
ZDI-25-469: Delta Electronics CNCSoft Screen Editor DPB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft. User interaction is required... 04/07/2025 Zero-Day Initiative
ZDI-25-468: GFI Archiver Telerik Web UI Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of GFI Archiver. Authentication is not required to... 04/07/2025 Zero-Day Initiative
ZDI-25-467: GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required... 04/07/2025 Zero-Day Initiative
Anthropic Model Context Protocol (MCP) Inspector Remote Code Execution Vulnerability (CVE-2025-49596) A critical remote code execution vulnerability has been discovered in Anthropic’s open‑source tool, MCP Inspector, which is widely used by... 04/07/2025 Qualys-Threat-Protect
Cisco Unified Communications Manager Static SSH Credentials Vulnerability (CVE-2025-20309) Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) are vulnerable to a... 04/07/2025 Qualys-Threat-Protect
WingFTP Critical Remote Code Execution Vulnerability (CVE-2025-47812) Julien Ahrens from RCE Security discovered a critical security vulnerability impacting WingFTP. Tracked as CVE-2025-47812, the vulnerability has a CVSS... 03/07/2025 Qualys-Threat-Protect
Google Addresses Zero-day Vulnerability impacting Chrome Browser (CVE-2025-6554) Chrome browser is vulnerable to a security vulnerability being exploited in the wild. Tracked as CVE-205-6554, this is a type... 02/07/2025 Qualys-Threat-Protect
ZDI-25-466: (0Day) Marvell QConvergeConsole readNICParametersFromFile Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole. Authentication is not required to... 28/06/2025 Zero-Day Initiative
