Windows Local Security Authority (LSA) Denial of Service Vulnerability

Windows Storage Management Provider Information Disclosure Vulnerability

Remote Desktop Spoofing Vulnerability

Internet Shortcut Files Remote Code Execution Vulnerability

Windows DWM Core Library Information Disclosure Vulnerability

Microsoft Exchange Server Information Disclosure Vulnerability

DHCP Server Service Denial of Service Vulnerability

Gnutls: vulnerability in gnutls certtool template parsing

Gnutls: vulnerability in gnutls sct extension parsing

Gnutls: vulnerability in gnutls othername san export

Libsoup: null pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in content-disposition header

Libsoup: double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" ghashtable value

Libsoup: denial of service on libsoup through http/2 server

Libsoup: out of bounds reads in soup_headers_parse_request()

An integer overflow can be triggered in SQLite’s `concat_ws()` function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size ~4GB can be triggered. This can result in arbitrary code execution.