21762 matches found
multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880.
...
libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpeg_l3_encode.c mpeg_l3_encoder_close.
...
scsi: ufs: pltfrm: Dellocate HBA during ufshcd_pltfrm_remove()
...
drm/i915/hdcp: Add encoder check in hdcp2_get_capability
...
drm/amd/display: Fix null pointer deref in dcn20_resource.c
...
gpio: pca953x: fix pca953x_irq_bus_sync_unlock race
...
ice: Don't process extts if PTP is disabled
...
pip 1.3 through 1.5.6 allows local users to cause a denial of service (prevention of package installation) by creating a /tmp/pip-build-* file for another user.
...
xen: privcmd: Switch from mutex to spinlock for irqfds
...
The sideband payload is passed unfiltered to the terminal in git
...
An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.
...
drm/amd/display: Fix NULL pointer dereference for DTN log in DCN401
...
Chromium: CVE-2025-9478 Use after free in ANGLE
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
f2fs: fix to bail out in get_new_segment()
...
drm/amd/display: Check null pointers before using them
...
dm: fix a crash if blk_alloc_disk fails
...
Chromium: CVE-2025-9132 Out of bounds write in V8
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Windows Certificate Spoofing Vulnerability
Improper verification of cryptographic signature in Windows Certificates allows an unauthorized attacker to perform spoofing over a network...
Windows Storage-based Management Service Remote Code Execution Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Storage allows an unauthorized attacker to execute code over a network...
Windows MBT Transport Driver Elevation of Privilege Vulnerability
Untrusted pointer dereference in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally...
Microsoft PC Manager Elevation of Privilege Vulnerability
Improper authorization in Microsoft PC Manager allows an unauthorized attacker to elevate privileges over a network...
Azure Databricks Elevation of Privilege Vulnerability
Improper access control in Azure Databricks allows an unauthorized attacker to elevate privileges over a network...
Chromium: CVE-2025-8882 Use after free in Aura
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2025-8881 Inappropriate implementation in File Picker
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2025-8880 Race in V8
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2025-8901 Out of bounds write in ANGLE
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2025-8879 Heap buffer overflow in libaom
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Icu: stack buffer overflow in the srbroot::addtag function
...
SQLite integer overflow in key info allocation may lead to information disclosure.
...
Integer Truncation on SQLite
...
Microsoft SharePoint Remote Code Execution Vulnerability
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network...
Windows Hyper-V Elevation of Privilege Vulnerability
Numeric truncation error in Windows Hyper-V allows an authorized attacker to elevate privileges locally...
Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability
Null pointer dereference in Windows Local Security Authority Subsystem Service LSASS allows an authorized attacker to deny service over a network...
Microsoft SharePoint Elevation of Privilege Vulnerability
Server-side request forgery ssrf in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network...
Microsoft Excel Remote Code Execution Vulnerability
Access of resource using incompatible type 'type confusion' in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
Access of resource using incompatible type 'type confusion' in Windows Message Queuing allows an authorized attacker to execute code over a network...
Windows Hyper-V Remote Code Execution Vulnerability
Improper restriction of communication channel to intended endpoints in Windows Hyper-V allows an authorized attacker to execute code locally...
Azure Stack Hub Information Disclosure Vulnerability
Improper authentication in Azure Stack allows an unauthorized attacker to disclose information over a network...
Windows Kerberos Elevation of Privilege Vulnerability
Relative path traversal in Windows Kerberos allows an authorized attacker to elevate privileges over a network...
Microsoft Teams Remote Code Execution Vulnerability
Heap-based buffer overflow in Microsoft Teams allows an unauthorized attacker to execute code over a network...
Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
Use of uninitialized resource in Windows Routing and Remote Access Service RRAS allows an authorized attacker to disclose information over a network...
Windows Security App Spoofing Vulnerability
External control of file name or path in Windows Security App allows an authorized attacker to perform spoofing locally...
GDI+ Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network...
Azure Stack Hub Information Disclosure Vulnerability
Exposure of private personal information to an unauthorized actor in Azure Stack allows an authorized attacker to disclose information locally...
Microsoft Word Remote Code Execution Vulnerability
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally...
Microsoft Word Information Disclosure Vulnerability
Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information locally...
Microsoft Excel Remote Code Execution Vulnerability
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
Microsoft Office Remote Code Execution Vulnerability
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...
Microsoft Word Remote Code Execution Vulnerability
Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally...
Microsoft SQL Server Elevation of Privilege Vulnerability
Improper neutralization of special elements used in an sql command 'sql injection' in SQL Server allows an authorized attacker to elevate privileges over a network...