D4Rkd0Go

**Name of the Vulnerable Software and Affected Versions** Hnswlib version 0.7.0 **Description** The issue is related to a double free in the `init index` function when the `M` argument is a large integer. This occurs in the Hnswlib library. **Recommendations** For Hnswlib version 0.7.0, consider restricting the use of the `init index` function with large `M` argument values until a patch is available. As a temporary workaround, avoid using large integers for the `M` argument in the `init index` function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** data-tools versions prior to 2017-07-26 **Description** The issue is related to an Integer Overflow that leads to an incorrect end value for the `write wchars` function. **Recommendations** For versions prior to 2017-07-26, update to a version released after 2017-07-26 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** TeaKKi version 2.7 **Description** The issue allows for XSS attacks through a crafted `onerror` attribute for a picture's URL. **Recommendations** For TeaKKi version 2.7, consider validating and sanitizing user-inputted URLs for pictures to prevent malicious `onerror` attributes. As a temporary workaround, restrict the use of the `onerror` attribute in picture URLs until a patch is available.