Microsoft Teams Remote Code Execution Vulnerability

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)

Improper Export of Android Application Components in Settings prior to SMR Feb-2025 Release 1 allows local attackers to enable ADB.

Improper input validation in Samsung Members prior to version 5.2.00.12 allows physical attackers to access data across multiple user profiles.

Improper access control in Samsung Email prior to version 6.1.97.1 allows physical attackers to access data across multiple user profiles.

Memory corruption during management frame processing due to mismatch in T2LM info element.

Information disclosure while parsing the OCI IE with invalid length.

Memory corruption while reading CPU state data during guest VM suspend.

Memory corruption while power-up or power-down sequence of the camera sensor.