Microsoft Office Remote Code Execution Vulnerability

Squid vulnerable to information disclosure via authentication credential leakage in error handling

Gdk-pixbuf: uninitialized memory disclosure in gdkpixbuf gif lzw decoder

ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.

ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.)

Chromium: CVE-2025-6192 Use after free in Profiler

Chromium: CVE-2025-6191 Integer overflow in V8

OpenPrinting CUPS vulnerable to stack based out-of-bound write

Excessive resource consumption when printing error string for host certificate validation in crypto/x509

Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509

Excessive CPU consumption in ParseAddress in net/mail

Excessive CPU consumption in Reader.ReadResponse in net/textproto

Quadratic complexity when parsing some invalid inputs in encoding/pem

Libxml2: stack buffer overflow in xmllint interactive shell command handling

Grub2: missing unregister call for normal_exit command may lead to use-after-free

Grub2: missing unregister call for normal commands may lead to use-after-free

Grub2: missing unregister call for gettext command may lead to use-after-free

Grub2: grub2: out-of-bounds write via malicious usb device

GNU ncurses parse_entry.c postprocess_termcap stack-based overflow

spdlog pattern_formatter-inl.h scoped_padder resource consumption