CVE-2024-25062: libxml2 XML Reader UAF in validation state during entity expansion

CVE-2023-29469: NULL dereference in xmlDictComputeFastKey with empty dict strings

CVE-2021-3518 libxml2 use-after-free in xmlXIncludeCopyNode during recursive XInclude

CVE-2022-40304 libxml2 dict corruption via entity reference cycles

CVE-2022-40303: Integer overflow in libxml2 xmlParseCharData → xmlBufAdd with XML_PARSE_HUGE

CVE-2023-0286: OpenSSL X.509 x400Address type confusion — ASN1_STRING decoded, read as ASN1_TYPE

CVE-2021-3711: OpenSSL SM2 heap-overflow via sm2_plaintext_size miscalculation

CVE-2022-0778 — OpenSSL BN_mod_sqrt infinite loop on non-prime modulus via crafted EC certificate

CVE-2014-0160 Heartbleed: missing bounds check in tls1_process_heartbeat enables OOB heap read

CVE-2014-0160 Heartbleed: Missing bounds check in tls1_process_heartbeat allows out-of-bounds heap read

CVE-2023-27534: curl SFTP path traversal via loose tilde-expansion check

CVE-2023-27534: curl SFTP path traversal via weak tilde-prefix check in Curl_getworkingpath

CVE-2023-27535: curl FTP connection reuse skips FTP_ACCOUNT / ALTERNATIVE_TO_USER / USE_SSL comparisons

CVE-2023-38545 — curl SOCKS5 heap overflow via state-machine re-entrancy

CVE-2024-2961: glibc iconv ISO-2022-CN-EXT buffer overflow — missing bounds checks in SS2/SS3 escape sequence writes

CVE-2021-3999: 1-byte buffer underflow in glibc __getcwd_generic at root

CVE-2023-6779: heap-overflow in glibc __vsyslog_internal via uninitialized bufsize in secondary buffer path

CVE-2023-6779: glibc __vsyslog_internal heap overflow via secondary buffer expansion

CVE-2023-6246: glibc __vsyslog_internal heap overread via undersized malloc in fallback path

CVE-2023-6246: Heap overflow in glibc __vsyslog_internal due to undersized malloc