Daveysec

Name of the Vulnerable Software and Affected Versions: Microvirt MEmu version 6.0.6 Description: An issue was discovered in Microvirt MEmu. The MemuService.exe service binary is vulnerable to local privilege escalation through binary planting due to insecure permissions set at install time. This allows code to be run as NT AUTHORITY/SYSTEM. Recommendations: For Microvirt MEmu version 6.0.6, consider restricting access to the MemuService.exe service binary to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Apache Tika versions 1.7 through 1.17 **Description** The issue allows clients to send specially crafted headers to the tika-server, potentially injecting commands into the server's command line. This affects servers running tika-server and exposed to untrusted clients. **Recommendations** For Apache Tika versions 1.7 through 1.17, upgrade to Tika 1.18 to resolve the issue.