Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling

A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier.

Liblouis through 3.21.0 has a buffer overflow in compilePassOpcode in compileTranslationTable.c (called, indirectly, by tools/lou_checktable.c).

valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.

Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440.

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436.

NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428.

Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418.

Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs because of recursive PROMPT_SUBST expansion.

Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.

A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.

Heap-based Buffer Overflow in GitHub repository vim prior to 8.2.

Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.

Out-of-bounds Read in vim/vim prior to 8.2.

Heap-based Buffer Overflow in vim/vim prior to 8.2.