Antonio Morales Maldonado

**Name of the Vulnerable Software and Affected Versions** libopenmpt versions prior to 0.3.19 libopenmpt versions 0.4.x prior to 0.4.9 **Description** The issue is related to the functions `ModPlug InstrumentName` and `ModPlug SampleName` in `libopenmpt modplug.c`, which do not properly restrict the lengths of output-buffer strings. This can lead to a buffer overflow, allowing a remote attacker to access confidential data, compromise data integrity, and cause a denial of service. **Recommendations** For libopenmpt versions prior to 0.3.19, update to version 0.3.19 or later. For libopenmpt versions 0.4.x prior to 0.4.9, update to version 0.4.9 or later.

**Name of the Vulnerable Software and Affected Versions** Siemens SINEMA Remote Connect Server versions prior to 1.2 **Description** The issue is related to a cross-site scripting (XSS) vulnerability in the integrated web server. This allows remote attackers to inject arbitrary web script or HTML via a crafted URL. **Recommendations** For versions prior to 1.2, update to version 1.2 or later to resolve the issue.