ZDI Advisories
400 advisoriesZero Day Initiative vulnerability advisories – published disclosures and upcoming publications.
Quest NetVault Backup NVBURASDevice SQL Injection Remote Code Execution Vulnerability
Quest NetVault Backup NVBUDashboard SQL Injection Remote Code Execution Vulnerability
Oracle PeopleSoft HubMBeanPersistance Deserialization of Untrusted Data Remote Code Execution Vulnerability
Oracle PeopleSoft ExecuteProcessActivityCommand External Control of File Path Remote Code Execution Vulnerability
X.Org Server Xkb Key Types Stack-based Buffer Overflow Privilege Escalation Vulnerability
X.Org Server miSyncDestroyFence Use-After-Free Privilege Escalation Vulnerability
X.Org Server Font Alias Stack-based Buffer Overflow Privilege Escalation Vulnerability
Quest NetVault Backup NVBUDashboard SQL Injection Remote Code Execution Vulnerability
X.Org Server FreeCounter Use-After-Free Privilege Escalation Vulnerability
Quest NetVault Backup addclient3 Cross-Site Scripting Authentication Bypass Vulnerability
Oracle PeopleSoft HttpListeningConnector Server-Side Request Forgery Vulnerability
Quest NetVault Backup NVBULibraryPort SQL Injection Remote Code Execution Vulnerability
Quest NetVault Backup NVBUDeviceDrive SQL Injection Remote Code Execution Vulnerability
Unraid Web Server ToggleState Command Injection Remote Code Execution Vulnerability
Fuji Electric Tellus pcid64 Driver Registry APIs Exposed Dangerous Method Local Privilege Escalation Vulnerability
FlowiseAI Flowise CSV Agent Prompt Injection Remote Code Execution Vulnerability
Docker MCP Plugin OCI Image Label Parsing Argument Injection Remote Code Execution Vulnerability
Oracle VirtualBox VMSVGA Stack-based Buffer Overflow Local Privilege Escalation Vulnerability
X.Org Server CreateSaverWindow Use-After-Free Information Disclosure Vulnerability
Adobe Acrobat Reader DC Field signatureInfo Use-After-Free Remote Code Execution Vulnerability
X.Org Server SetMap Request Stack-based Buffer Overflow Privilege Escalation Vulnerability
Quest NetVault Backup NVBURemovableMedia SQL Injection Remote Code Execution Vulnerability
X.Org Server ChangeDrawableAttributes Out-Of-Bounds Read Information Disclosure Vulnerability
X.Org Server SyncChangeCounter Use-After-Free Privilege Escalation Vulnerability
Allegra downloadAttachment Cross-Site Scripting Authentication Bypass Vulnerability
Allegra exportReport Directory Traversal Information Disclosure Vulnerability
Samsung rlottie Numeric Truncation Remote Code Execution Vulnerability
MATE Desktop Atril Document Viewer EPUB File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
Apache HTTP Server mod_proxy_ajp Out-Of-Bounds Read Information Disclosure Vulnerability
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability