| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Any guest can cause xenstored to crash by issuing a XS_RESET_WATCHES
command within a transaction due to an assert() triggering.
In case xenstored was built with NDEBUG #defined nothing bad will
happen, as assert() is doing nothing in this case. Note that the
default is not to define NDEBUG for xenstored builds even in release
builds of Xen. |
| The adjustments made for XSA-379 as well as those subsequently becoming
XSA-387 still left a race window, when a HVM or PVH guest does a grant
table version change from v2 to v1 in parallel with mapping the status
page(s) via XENMEM_add_to_physmap. Some of the status pages may then be
freed while mappings of them would still be inserted into the guest's
secondary (P2M) page tables. |
| Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11. |
| Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11. |
| Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11. |
| HSC MailInspector 5.3.3-7 has a Path Traversal vulnerability due to improper validation of user-supplied input in the /tap/dw.php endpoint. The text parameter is used to construct file paths without adequate normalization or restriction to a safe base directory. A remote attacker can exploit this flaw to access arbitrary files on the underlying operating system, resulting in unauthorized disclosure of sensitive information. |
| Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 151 and Thunderbird 151. |
| LIVE555 before 2026.04.22 contains an authorization bypass vulnerability in RTSP session command handling that allows attackers to replay valid Session tokens from unauthenticated connections. Attackers who obtain a valid Session token can issue PLAY and TEARDOWN commands from a second TCP connection without authentication, causing server crashes through virtual function call errors or disrupting active streams by terminating victim sessions. |
| Incorrect boundary conditions, integer overflow in the Audio/Video component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11. |
| Microsoft Word Security Feature Bypass Vulnerability |
| Windows Graphics Component Information Disclosure Vulnerability |
| Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Office Elevation of Privilege Vulnerability |
| Microsoft Excel Information Disclosure Vulnerability |
| Improper access control in Microsoft Office allows an unauthorized attacker to perform spoofing locally. |
| Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Word Remote Code Execution Vulnerability |
| Microsoft Outlook Remote Code Execution Vulnerability |
| Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Excel Remote Code Execution Vulnerability |
