ZDI Advisories
359 advisoriesZero Day Initiative vulnerability advisories – published disclosures and upcoming publications.
Glarysoft Glary Utilities Link Following Local Privilege Escalation Vulnerability
AnyDesk Support Information Link Following Denial-of-Service Vulnerability
(Pwn2Own) Lorex 2K Indoor Wi-Fi Security Camera Device Management Server Improper Certificate Validation Vulnerability
Ollama downloadBlob Improper Validation of Array Index Denial-of-Service Vulnerability
AnyDesk Screen Recording Link Following Denial-of-Service Vulnerability
(Pwn2Own) Lorex 2K Indoor Wi-Fi Security Camera CDeviceOperator Format String Remote Code Execution Vulnerability
Quest NetVault Backup NVBULogDaemon Command Injection Remote Code Execution Vulnerability
Quest NetVault Backup NVBULibrarySlot SQL Injection Remote Code Execution Vulnerability
Quest NetVault Backup addclient3 Cross-Site Scripting Authentication Bypass Vulnerability
Oracle PeopleSoft ExecuteProcessActivityCommand External Control of File Path Remote Code Execution Vulnerability
Quest NetVault Backup NVBUDashboard SQL Injection Remote Code Execution Vulnerability
ATEN Unizon doCryptoHugeFileToFile Improper Verification of Cryptographic Signature Remote Code Execution Vulnerability
ATEN Unizon uploadSSL Directory Traversal Arbitrary File Deletion Vulnerability
Quest NetVault Backup viewclient Cross-Site Scripting Authentication Bypass Vulnerability
Quest NetVault Backup NVBURemovableMedia SQL Injection Remote Code Execution Vulnerability
Quest NetVault Backup NVBUDeviceDrive SQL Injection Remote Code Execution Vulnerability
X.Org Server SyncChangeCounter Use-After-Free Privilege Escalation Vulnerability
X.Org Server ChangeDrawableAttributes Out-Of-Bounds Read Information Disclosure Vulnerability
X.Org Server Xkb Key Types Stack-based Buffer Overflow Privilege Escalation Vulnerability
Oracle PeopleSoft HubMBeanPersistance Deserialization of Untrusted Data Remote Code Execution Vulnerability
X.Org Server miSyncDestroyFence Use-After-Free Privilege Escalation Vulnerability
X.Org Server Font Alias Stack-based Buffer Overflow Privilege Escalation Vulnerability
Unraid Web Server ToggleState Command Injection Remote Code Execution Vulnerability
ATEN Unizon ImportDeviceList Directory Traversal Remote Code Execution Vulnerability
Unraid Web Server FileUpload Command Injection Remote Code Execution Vulnerability
MosaicML Composer Deserialization of Untrusted Data Remote Code Execution Vulnerability
ATEN Unizon restoreDB Directory Traversal Remote Code Execution Vulnerability
ATEN Unizon writeFileToHttpServletResponse Directory Traversal Information Disclosure Vulnerability
ATEN Unizon updateLicense Directory Traversal Arbitrary File Deletion Vulnerability
X.Org Server FreeCounter Use-After-Free Privilege Escalation Vulnerability