Microsoft Excel Remote Code Execution Vulnerability

Microsoft Excel Information Disclosure Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

Microsoft SharePoint Remote Code Execution Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Elevation of Privilege Vulnerability

Local Security Authority Subsystem Service Elevation of Privilege Vulnerability

Grub2: use-after-free in grub_file_close()

Grub2: use-after-free in net_set_vlan

hw/pci/pcie_sriov.c in QEMU through 10.0.3 mishandles the VF Enable bit write mask, a related issue to CVE-2024-26327.

hw/pci/pcie_sriov.c in QEMU through 10.0.3 has a migration state inconsistency, a related issue to CVE-2024-26327.

Possible denial of service when passing malformed data in a URL to qDecodeDataUrl

AIDE null pointer dereference when reading incorrectly encoded xattr attributes from database (local DoS)

AIDE improper output neutralization vulnerability

In iperf before 3.19.1, net.c has a buffer overflow when --skip-rx-copy is used (for MSG_TRUNC in recv).

In iperf before 3.19.1, iperf_auth.c has a Base64Decode assertion failure and application exit upon a malformed authentication attempt.

In iperf before 3.19.1, iperf_auth.c has an off-by-one error and resultant heap-based buffer overflow.

Thor before 1.4.0 can construct an unsafe shell command from library input. NOTE: this is disputed by the Supplier because "the method that was fixed can only be used with arguments that are controlled by Thor, and there is no way an attacker can take control of those arguments."