Kuang-Chun Hung

**Name of the Vulnerable Software and Affected Versions** Canary Labs Trend Web Server versions prior to 9.5.2 **Description** A buffer overflow issue allows remote attackers to execute arbitrary code via a crafted TCP packet. **Recommendations** For versions prior to 9.5.2, update to version 9.5.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Wibu-Systems AG CodeMeter Runtime versions prior to 4.40 **Description** The issue allows remote attackers to cause a denial of service, resulting in the CodeMeter.exe crash, via certain crafted packets to TCP port 22350. **Recommendations** For versions prior to 4.40, update to version 4.40 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Cogent DataHub versions 7.1.2 and earlier Cascade DataHub versions 6.4.20 and earlier OPC DataHub versions 6.4.20 and earlier **Description** The issue is related to a cross-site scripting (XSS) vulnerability, which allows remote attackers to inject arbitrary web script or HTML. This can be achieved via unspecified vectors. **Recommendations** For Cogent DataHub versions 7.1.2 and earlier, update to a version later than 7.1.2. For Cascade DataHub versions 6.4.20 and earlier, update to a version later than 6.4.20. For OPC DataHub versions 6.4.20 and earlier, update to a version later than 6.4.20.

**Name of the Vulnerable Software and Affected Versions** Cogent DataHub versions 7.1.2 and earlier Cascade DataHub versions 6.4.20 and earlier OPC DataHub versions 6.4.20 and earlier **Description** The issue allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks. **Recommendations** For Cogent DataHub versions 7.1.2 and earlier, update to a version later than 7.1.2. For Cascade DataHub versions 6.4.20 and earlier, update to a version later than 6.4.20. For OPC DataHub versions 6.4.20 and earlier, update to a version later than 6.4.20.