Latest zero-days Total: 548, in 2021: Zero-days 75, candidates: 1

SQL injection in BQE BillQuick Web Suite

The vulnerability allows a remote attacker to cause SQL injection, leading to remote code execution.

Privilege escalation in Microsoft Windows kernel


A Chinese-speaking hacking group exploited a zero-day vulnerability in the Windows Win32k kernel driver to deploy a previously unknown remote access trojan (RAT).

The attacks were noticed in late August and September 2021