OL CVE Issue Summary:

With PHP-FPM, a low-privilege process can read and write an array of pointers used by the main process (running as root), through shared memory. An attacker can leverage this problem to change a 32-bit integer from zero to one in the main process's memory, or clear a memory region. By leveraging the primitive multiple times, it is possible to reach another bug, make the main process execute code, and thus escalate privileges.

The pointers in the SHM have been present starting with the very first implementation (PHP 5.3.7).

This was addressed by converting `scoreboard->procs` to an array of scoreboards (no pointers anymore) and making sure `scoreboard->nprocs` only gets used by workers.

OL CVE Issue Summary :

A use-after-free vulnerability was found in OpenSSL `BIO_new_NDEF()` function.
The function receives a BIO from the caller, prepends a new `BIO_f_asn1` filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller.

Under certain conditions, for example, if a CMS recipient public key is invalid, the new filter BIO is freed, and the function returns NULL indicating a failure.

However, in this case, the BIO chain is not properly cleaned up, and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then calls `BIO_pop()` on the BIO, a use-after-free will occur, possibly resulting in a crash.

OL CVE Issue Summary: 

The below paths, all follow the same code pattern:

```
main/fopen_wrappers.c:php_check_specific_open_basedir()ext/xmlreader/php_xmlreader.c:PHP_METHOD(xmlreader, XML)
ext/dom/document.c:dom_document_parser()

```
These arrays can have at most `MAXPATHLEN` characters, including the NULL char. So the `strlen()` can be at most `MAXPATHLEN-1`. If it does not end in a slash,
and a slash must be appended, a write of the NULL char to index `MAXPATHLEN` will occur, overrunning the array. 

OL CVE Issue Summary :

libxml2 before 2.12.10 has a use-after-free in `xmlSchemaIDCFillNodeTables()` and `xmlSchemaBubbleIDCNodeTables()` in `xmlschemas.c`. 
To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.
 

OL CVE Issue Summary:

A flaw was found in OpenSSH in versions 5.7 through 8.3, where an observable discrepancy occurs and leads to an information leak in the algorithm negotiation. This flaw allows a man-in-the-middle attacker to target initial connection attempts, where there is no host key for the server that has been cached by the client.

OL CVE Issue Summary:

Invalid input to the function `xmlrpc_decode()` can lead to an invalid memory access (heap out of bounds read).

OL CVE Issue Summary :

A Local Privilege Escalation (LPE) vulnerability was found in Sudo.
In certain configurations, unauthorized users can gain elevated system privileges via the `sudo` host option (-h or --host).

When using the default sudo security policy plugin (sudoers), the host option is intended to be used in conjunction with the list option (-l or --list) to determine what permissions a user has on a given system.
However, this restriction can be bypassed, allowing a user to elevate their privileges on one system to the privileges they may have on another, effectively ignoring the host identifier in any sudoers rules.

This vulnerability is particularly impactful for systems that share a single sudoers configuration file across multiple computers or use network-based user directories, such as LDAP, to provide sudoers rules on a system.
 

OL CVE Issue Summary :

A flaw was found in libxml2. This vulnerability allows a stack-based buffer overflow via DTD validation of an untrusted document or untrusted DTD. This vulnerability is rated as important because it involves a stack-based buffer overflow in the xmlSnprintfElements function within valid.c.
 Exploiting this issue requires DTD validation to occur on an untrusted document or untrusted DTD, making it a potential security risk for applications using libxml2 that do not adequately restrict DTD input.
 

OL CVE Issue Summary : 

Python has a buffer overflow in `PyCArg_repr` in `_ctypes/callproc.c`, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a `1e300` argument to `c_double.from_param`. This occurs because `sprintf` is used unsafely.

OL CVE Issue Summary:

Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead to a crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.