Vysea

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 10.13.1 **Description** The issue involves the `fsck msdos` component and allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. This is due to a buffer overflow in the `fsck msdos` component, which can be exploited by a remote attacker to achieve the aforementioned outcomes. **Recommendations** For macOS versions prior to 10.13.1, update to version 10.13.1 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `fsck msdos` component until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** Android versions 6.0 through 7.1.2 **Description** The issue is related to insufficient access control in the Android operating system, which can be exploited by a remote attacker to execute arbitrary code. It is a remote code execution vulnerability in the Android media framework. **Recommendations** For Android versions 6.0 through 7.1.2, update to a version that contains a fix for this issue to prevent remote code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Android versions 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1 **Description** An information disclosure issue in the libopus Mediaserver could allow a local malicious application to access data outside of its permission levels. This could be used to access sensitive data without permission. The issue is caused by a buffer overflow in the silk/NLSF stabilize.c function. **Recommendations** For versions 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.