MariaDB before 10.6.5 has a sql_lex.cc integer overflow, leading to an application crash.

MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations.

MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL value of aggr.

MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain SELECT statements.

MariaDB through 10.5.9 allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expression (CTE).

In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2) even without server authentication.

xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text.

Use After Free in GitHub repository vim/vim prior to 8.2.

Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

MariaDB before 10.7.2 allows an application crash because it does not recognize that SELECT_LEX::nest_level is local to each VIEW.