IOC Feed — FreeIntelHub

CISA Advisories General Mar 17

CODESYS in Festo Automation Suite

View CSAF Summary 3. TECHNICAL DETAILS The following versions of CODESYS in Festo Automation Suite are affected: FESTO Software Festo Automation Suite (versi...

IPs: 2.8.0.138 3.5.16.10 2.8.0.137

CISA Advisories →

The Hacker News CVE Mar 17

CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths

The U.S.

CVEs: CVE-2025-47813

The Hacker News →

Zero Day Initiative CVE Mar 17

ZDI-26-216: (Pwn2Own) QNAP TS-453E smbd domain_name Argument Injection Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of QNAP TS-453E devices. Authentication is not requir...

CVEs: CVE-2025-62847

Zero Day Initiative →

CISA Advisories CVE Mar 16

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-47813 Wing FTP ...

CVEs: CVE-2025-47813

CISA Advisories →

Zero Day Initiative CVE Mar 16

ZDI-26-215: KeePassXC OpenSSL Configuration Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of KeePassXC. An attacker must first obtain the ability to execute...

CVEs: CVE-2026-4158

Zero Day Initiative →

Zero Day Initiative CVE Mar 16

ZDI-26-214: GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerab...

CVEs: CVE-2026-2049

Zero Day Initiative →

Zero Day Initiative CVE Mar 16

ZDI-26-213: GIMP LBM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerab...

CVEs: CVE-2026-2046

Zero Day Initiative →

Zero Day Initiative CVE Mar 16

ZDI-26-212: Schneider Electric EcoStruxure Data Center Expert Hard-coded Password Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Data Center Expert. Authenti...

CVEs: CVE-2025-13957

Zero Day Initiative →

Zero Day Initiative CVE Mar 16

ZDI-26-211: Delta Electronics ASDA-Soft PAR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics ASDA-Soft. User interaction is required t...

CVEs: CVE-2026-1361

Zero Day Initiative →

Zero Day Initiative CVE Mar 16

ZDI-26-210: (Pwn2Own) Samsung Galaxy S25 Samsung Members Security Feature Bypass Vulnerability

This vulnerability allows remote attackers to bypass a security feature on affected installations of Samsung Galaxy S25. Authentication is not required to ex...

CVEs: CVE-2025-21079

Zero Day Initiative →

Zero Day Initiative CVE Mar 16

ZDI-26-209: (Pwn2Own) Samsung Galaxy S25 Samsung Members Open Redirect Security Bypass Vulnerability

This vulnerability allows remote attackers to bypass security on affected installations of Samsung Galaxy S25. Authentication is not required to exploit this...

CVEs: CVE-2025-21079

Zero Day Initiative →

Zero Day Initiative CVE Mar 16

ZDI-26-208: (Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF654Cdw printers. Authenticatio...

CVEs: CVE-2025-14237

Zero Day Initiative →

Zero Day Initiative CVE Mar 16

ZDI-26-207: (Pwn2Own) Canon imageCLASS MF654Cdw dtdc_addr_importSub Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF654Cdw printers. Authenticatio...

CVEs: CVE-2025-14236

Zero Day Initiative →

Zero Day Initiative CVE Mar 16

ZDI-26-206: (Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF654Cdw printers. Authenticatio...

CVEs: CVE-2025-14235

Zero Day Initiative →

Zero Day Initiative CVE Mar 16

ZDI-26-205: (Pwn2Own) Canon imageCLASS MF654Cdw PJCC Request Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF654Cdw printers. Authenticatio...

CVEs: CVE-2025-14234

Zero Day Initiative →

Zero Day Initiative CVE Mar 16

ZDI-26-204: (Pwn2Own) Canon imageCLASS MF654Cdw XPS Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF654Cdw printers. Authenticatio...

CVEs: CVE-2025-14232

Zero Day Initiative →

Zero Day Initiative CVE Mar 16

ZDI-26-203: (Pwn2Own) Canon imageCLASS MF654Cdw XML SOAP Request Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF654Cdw printers. Authenticatio...

CVEs: CVE-2025-14231

Zero Day Initiative →

Zero Day Initiative CVE Mar 16

ZDI-26-202: (Pwn2Own) QNAP TS-453E Hyper Data Protector Plugin query_original_file_size SQL Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of QNAP TS-453E. Although authentication is required...

CVEs: CVE-2025-59389

Zero Day Initiative →

Zero Day Initiative CVE Mar 16

ZDI-26-201: (Pwn2Own) QNAP TS-453E Hyper Data Protector Plugin Hard-Coded Credentials Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of QNAP TS-453E devices. Authentication is not requir...

CVEs: CVE-2025-59388

Zero Day Initiative →

Zero Day Initiative CVE Mar 16

ZDI-26-200: (Pwn2Own) QNAP TS-453E nvrlog_event_add msg SQL Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of QNAP TS-453E devices. Although authentication is ...

CVEs: CVE-2025-62849

Zero Day Initiative →