Microsoft Office Online Server Spoofing Vulnerability

Windows Hyper-V Remote Code Execution Vulnerability

Linux kernel bpf verifier incorrect mod32 truncation

Win32k Elevation of Privilege Vulnerability

Scripting Engine Memory Corruption Vulnerability

Windows MSHTML Platform Remote Code Execution Vulnerability

Windows HTML Platforms Security Feature Bypass Vulnerability

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

Windows DNS Server Denial of Service Vulnerability

Windows DNS Server Remote Code Execution Vulnerability

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

GDI+ Information Disclosure Vulnerability

A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened.

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

Windows Font Driver Host Remote Code Execution Vulnerability

A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository to cause RPM database corruption. The highest threat from this vulnerability is to data integrity. This flaw affects RPM versions before 4.17.0-alpha.

Stack overflow vulnerability in OpenSC smart card middleware before 0.23 via crafted responses to APDUs.

If certificates that signed grub are installed into db grub can be booted directly. It will then boot any kernel without signature validation. The booted kernel will think it was booted in secureboot mode and will implement lockdown yet it could have been tampered. This flaw is a reintroduction of CVE-2020-15705 and only affects grub2 versions prior to 2.06 and upstream and distributions using the shim_lock mechanism.