Icu: stack buffer overflow in the srbroot::addtag function

A buffer overflow vulnerability exists in libsndfile version 1.2.2 and potentially earlier versions when processing malformed IRCAM audio files. The vulnerability occurs in the ircam_read_header function at src/ircam.c:164 during sample rate processing, leading to memory corruption and potential code execution.

Path Traversal vulnerability in onnx.external_data_helper.save_external_data in ONNX 1.17.0 allows attackers to overwrite arbitrary files by supplying crafted external_data.location paths containing traversal sequences, bypassing intended directory restrictions.

Chromium: CVE-2025-5068 Use after free in Blink

Chromium: CVE-2025-5067 Inappropriate implementation in Tab Strip

Chromium: CVE-2025-5066 Inappropriate implementation in Messages

Chromium: CVE-2025-5065 Inappropriate implementation in FileSystemAccess API

Chromium: CVE-2025-5064 Inappropriate implementation in Background Fetch API

Chromium: CVE-2025-5063 Use after free in Compositing

Cairo through 1.18.4, as used in Poppler through 25.08.0, has an "unscaled->face == NULL" assertion failure for _cairo_ft_unscaled_font_fini in cairo-ft-font.c.

No QUIC certificate pinning with wolfSSL

RabbitMQ Node can log Basic Auth header from an HTTP request

urllib3 does not control redirects in browsers and Node.js

urllib3 redirects are not disabled when retries are disabled on PoolManager instantiation

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

DirectX Graphics Kernel Remote Code Execution Vulnerability

Windows Digital Media Elevation of Privilege Vulnerability

Windows Device Association Broker Service Elevation of Privilege Vulnerability

Windows Installer Elevation of Privilege Vulnerability

DirectX Graphics Kernel Denial of Service Vulnerability