In the CGI gem before 0.4.2 for Ruby, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the Util#escapeElement method.

In the CGI gem before 0.4.2 for Ruby, the CGI::Cookie.parse method in the CGI library contains a potential Denial of Service (DoS) vulnerability. The method does not impose any limit on the length of the raw cookie value it processes. This oversight can lead to excessive resource consumption when parsing extremely large cookies.

Possible SSRF and Credential Leakage via Absolute URL in axios Requests

redis-check-aof may lead to stack overflow and potential RCE

Go JOSE's Parsing Vulnerable to Denial of Service

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.

Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability

Win32k Elevation of Privilege Vulnerability

Windows TCP/IP Remote Code Execution Vulnerability

Microsoft Defender for Identity Spoofing Vulnerability

Microsoft Defender Elevation of Privilege Vulnerability

Azure Playwright Elevation of Privilege Vulnerability

ASP.NET Core and Visual Studio Denial of Service Vulnerability

Win32k Elevation of Privilege Vulnerability

Windows Standards-Based Storage Management Service Denial of Service Vulnerability

RPC Endpoint Mapper Service Elevation of Privilege Vulnerability

Windows Defender Application Control Security Feature Bypass Vulnerability

Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability

Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

Windows Subsystem for Linux Elevation of Privilege Vulnerability