Youssef Mami

**Name of the Vulnerable Software and Affected Versions** DeviceLock Plug and Play Auditor version 5.72 **Description** The issue is related to a Unicode Buffer Overflow in the DLPnpAuditor.exe component. This can potentially lead to a Structured Exception Handler (SEH) overflow. **Recommendations** For DeviceLock Plug and Play Auditor version 5.72, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CSP MySQL User Manager version 2.3.1 **Description** The issue allows for SQL injection and resultant authentication bypass via a crafted `username` during a login attempt. **Recommendations** For version 2.3.1, update to a newer version that contains a fix for this issue, as using a crafted `username` can lead to authentication bypass. At the moment, there is no information about a newer version that contains a fix for this vulnerability.