Possible denial of service when passing malformed data in a URL to qDecodeDataUrl

AIDE null pointer dereference when reading incorrectly encoded xattr attributes from database (local DoS)

AIDE improper output neutralization vulnerability

In iperf before 3.19.1, net.c has a buffer overflow when --skip-rx-copy is used (for MSG_TRUNC in recv).

In iperf before 3.19.1, iperf_auth.c has a Base64Decode assertion failure and application exit upon a malformed authentication attempt.

In iperf before 3.19.1, iperf_auth.c has an off-by-one error and resultant heap-based buffer overflow.

Thor before 1.4.0 can construct an unsafe shell command from library input. NOTE: this is disputed by the Supplier because "the method that was fixed can only be used with arguments that are controlled by Thor, and there is no way an attacker can take control of those arguments."

Chromium: CVE-2025-5419 Out of bounds read and write in V8

GitHub CVE-2025-54132: Arbitrary Image Fetch in Mermaid Diagram Tool

WebAssembly Micro Runtime's `--addr-pool` option allows all IPv4 addresses when subnet mask is not specified

Windows MultiPoint Services Elevation of Privilege Vulnerability

Windows Hyper-V Elevation of Privilege Vulnerability

Windows Connected Devices Platform Service Elevation of Privilege Vulnerability

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability

Windows UI XAML Phone DatePickerFlyout Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Windows Defender Firewall Service Elevation of Privilege Vulnerability

Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability

MapUrlToZone Security Feature Bypass Vulnerability