Open Redirect in oidc_validate_redirect_url()

Format string bug in the Redis cache implementation

Integer overflow that can lead to heap overflow in redis-cli redis-sentinel on some platforms

Integer overflow issues with *BIT commands on 32-bit systems

Archive package allows chmod of file outside of unpack target directory

Regular Expression Denial of Service in Addressable templates

jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components.

Integer overflow issue with intsets in Redis

DoS vulnerability in Redis

Vulnerability in Lua Debugger in Redis

Vulnerability in handling large ziplists

Integer overflow issue with Streams in Redis

Lua scripts can overflow the heap-based Lua stack in Redis

net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller.

An issue was discovered in json-c from 20200420 (post 0.14 unreleased code) through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary sample program json_parse which is located in the function parseit.

An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c.