CVE-2022-2509: Double-free in GnuTLS find_signer() during PKCS7 cert chain verification

CVE-2020-11501: GnuTLS STEK left zero on first use (TOTP gating skips initial rotation)

CVE-2021-20231 GnuTLS — Use-after-free via realloc-aliasing in TLS 1.3 client_hello extensions (key_share + pre_shared_key)

GnuTLS CVE-2021-20231: Use-After-Free in ECDHE Key Exchange Processing

CVE-2020-24659: GnuTLS NULL deref via no_renegotiation alert mid-handshake

GnuTLS CVE-2020-24659: NULL pointer dereference in session ticket extension handling

CVE-2021-26937: GNU Screen heap overflow in UTF-8 combining character LRU pool (utf8_handle_comb)

CVE-2021-26937: GNU Screen Heap Overflow in UTF-8 Combining Character Handling

CVE-2023-24626: GNU Screen OSC 83 escape sequence command injection

CVE-2021-3696: Heap OOB R/W in GRUB2 grub_png_insert_huff_item

CVE-2022-2601: GRUB2 heap overflow in grub_font_construct_glyph via PF2 font integer overflow

GRUB2 CVE-2022-2601 - Heap Overflow in PF2 Font Glyph Loading via Integer Overflow

CVE-2021-3695: GRUB2 PNG loader heap overflow in 16-bit grayscale conversion (d1 += 4 stride bug)

GRUB2 PNG Loader Heap Buffer Overflow Due to Off-by-One in Size Calculation

CVE-2020-10713 BootHole: Integer Overflow → Heap Buffer Overflow in GRUB2 Script Lexer (grub-core/script/yylex.l)

CVE-2024-25062: use-after-free in libxml2 xmlTextReaderRead — missing BACKTRACK state guard on XInclude re-expansion

CVE-2024-25062 libxml2 use-after-free in xmlTextReaderValidateEntity

CVE-2022-40304: libxml2 dict corruption via entity reference cycle (ent->content[0]=0 on dict-owned memory)

CVE-2022-40304: Dict Corruption via Entity Reference Cycles in libxml2

CVE-2022-40303: Integer overflow in libxml2 xmlSAX2Text → heap buffer overflow on large XML text nodes