Microsoft SharePoint Remote Code Execution Vulnerability

Microsoft Office Elevation of Privilege Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

Memory Exhaustion in Expr Parser with Unrestricted Input

Vim vulnerable to potential data loss with zip.vim and special crafted zip files

PyTorch torch.mkldnn_max_pool2d denial of service

Buffer Overflow vulnerability in libbpf 1.5.0 allows a local attacker to execute arbitrary code via the bpf_object__init_prog` function of libbpf.

An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the cfl_list_size in cfl_list.h:165.

An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.

HDF5 H5Ocache.c H5O__cache_chk_serialize null pointer dereference

HDF5 H5MM.c H5MM_realloc double free

HDF5 H5HLcache.c H5HL__fl_deserialize heap-based overflow

HDF5 H5Fint.c H5F_addr_encode_len heap-based overflow

HDF5 H5Faccum.c H5F__accum_free heap-based overflow

HDF5 H5FScache.c H5FS__sinfo_Srialize_Sct_cb heap-based overflow

HDF5 H5FL.c H5FL__blk_gc_list use after free

HDF5 H5Omessage.c H5O_msg_flush heap-based overflow

In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concat_ws() SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string (e.g., 2MB or more), an integer overflow occurs in calculating the size of the result buffer, and thus malloc may not allocate enough memory.

Cert CC: CVE-2025-2884 Out-of-Bounds read vulnerability in TCG TPM2.0 reference implementation

Libsoup: heap buffer over-read in `skip_insignificant_space` when sniffing content