encodeText in QDom in Qt before 6.8.0 has a complex algorithm involving XML string copy and inline replacement of parts of a string (with relocation of later data).

In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, aka a "verification DoS."

RabbitMQ has XSS Vulnerability in an Error Message in Management UI

NATS-Server Fails to Authorize Certain Jetstream Admin APIs

KEX init error results with excessive memory usage

jwt-go allows excessive memory allocation during header parsing

Khronos Group glslang Intermediate.cpp isConversionAllowed null pointer dereference

PyTorch torch.lstm_cell memory corruption

PyTorch torch.nn.utils.rnn.pad_packed_sequence memory corruption

Microsoft Excel Remote Code Execution Vulnerability

Microsoft PowerPoint Remote Code Execution Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

Microsoft SharePoint Server Elevation of Privilege Vulnerability

Microsoft PC Manager Elevation of Privilege Vulnerability

Windows Kernel Information Disclosure Vulnerability

Microsoft Azure File Sync Elevation of Privilege Vulnerability

Azure Storage Resource Provider Spoofing Vulnerability

Web Threat Defense (WTD.sys) Denial of Service Vulnerability

Microsoft Brokering File System Elevation of Privilege Vulnerability

MS-EVEN RPC Remote Code Execution Vulnerability