0Xwise64

Name of the Vulnerable Software and Affected Versions: cordova-plugin-fingerprint-aio versions prior to 5.0.1 Description: The exported activity `de.niklasmerz.cordova.biometric.BiometricActivity` can cause the app to crash when requested with invalid or empty data. Any third-party app can constantly call this activity with no permission, and a 3rd party app/attacker using an event listener can continually stop the app from working, making the victim unable to open it. This issue results in a denial of service (DoS) condition. Recommendations: For versions prior to 5.0.1, change the attribute `android:exported` in `plugin.xml` to `false` to fix the issue. Upgrade to version 5.0.1 as soon as possible.

Name of the Vulnerable Software and Affected Versions: Discord-Recon versions 0.0.3 and prior Description: The issue allows a remote attacker to overwrite any file on the system with command results, potentially leading to remote code execution if important system files are overwritten. Recommendations: For versions 0.0.3 and prior, as a temporary workaround, bot maintainers can edit their `setting.py` file and add `<` and `>` into the `RCE` variable to mitigate the issue without an update. For versions 0.0.3 and prior, update to version 0.0.4 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Discord Recon Server version 0.0.1 **Description** The issue concerns a remote code execution flaw in the Discord Recon Server bot, which allows remote users to execute commands on the server, resulting in serious issues. **Recommendations** For version 0.0.1, update to version 0.0.2 to resolve the issue.