Aidaipop

**Name of the Vulnerable Software and Affected Versions** upx versions prior to 4.0.0 **Description** The issue allows attackers to cause a denial of service via a crafted file passed to the `readx` function. This can lead to a reachable assertion vulnerability. **Recommendations** For versions prior to 4.0.0, update to version 4.0.0 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `readx` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** mruby versions prior to 3.1.0-rc **Description** An Untrusted Pointer Dereference was discovered in the `mrb vm exec` function, causing a segmentation fault and application crash. **Recommendations** For versions prior to 3.1.0-rc, update to version 3.1.0-rc or later to resolve the issue. As a temporary workaround, consider restricting the use of the `mrb vm exec` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** GPAC version 1.1.0 **Description** The issue is related to an invalid call in the `gf node changed()` function, which can lead to a Denial of Service (DoS). **Recommendations** For GPAC version 1.1.0, consider disabling the `gf node changed()` function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** mruby version 3.0.0 **Description** The issue is related to an untrusted pointer dereference in the `mrb vm exec()` function, which can cause a segmentation fault or application crash. **Recommendations** For mruby version 3.0.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** lib60870 (affected versions not specified) **Description** A NULL pointer dereference in `CS104 IPAddress setFromString` at `src/iec60870/cs104/cs104 slave.c` of lib60870 can lead to a segmentation fault or application crash. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** JerryScript version a6ab5e9 **Description** An issue was discovered in the js-lexer.c file, specifically in the `lexer compare identifier to string` function, where there is a Use-After-Free. **Recommendations** For JerryScript version a6ab5e9, consider restricting access to the `lexer compare identifier to string` function in the js-lexer.c file as a temporary mitigation measure until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** libiec61850 version 1.5.0 **Description** A NULL pointer dereference in `AcseConnection parseMessage` at `src/mms/iso acse/acse.c` can lead to a segmentation fault or application crash. **Recommendations** For libiec61850 version 1.5.0, consider applying a patch or fix to resolve the NULL pointer dereference issue in `AcseConnection parseMessage` to prevent potential segmentation faults or application crashes.

**Name of the Vulnerable Software and Affected Versions** GPAC version 1.1.0 **Description** The issue is related to an invalid memory address dereference via the function (lsr read id()). This can lead to a Denial of Service (DoS). **Recommendations** For GPAC version 1.1.0, consider disabling the (lsr read id()) function as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** GPAC version 1.1.0 **Description** An issue was discovered in GPAC, where an invalid memory address dereference occurs via the function shift chunk offsets.isra(). **Recommendations** For GPAC version 1.1.0, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** GPAC version 1.1.0 **Description** The issue is related to an invalid memory address dereference via the function `gf sg vrml mf reset()`. This allows attackers to cause a Denial of Service (DoS). **Recommendations** For GPAC version 1.1.0, consider disabling the `gf sg vrml mf reset()` function as a temporary workaround to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Modex version 2.11 **Description** The issue is related to an Use-After-Free vulnerability in the tcache component. **Recommendations** For Modex version 2.11, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GPAC version 1.1.0 **Description** The issue is related to an invalid memory address dereference via the function `gf list last()`. This allows attackers to cause a Denial of Service (DoS). **Recommendations** For GPAC version 1.1.0, as a temporary workaround, consider disabling the `gf list last()` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: gpac version 1.1.0 Description: An invalid free issue exists via the `gf svg delete attribute value` function, causing a segmentation fault and application crash. Recommendations: For gpac version 1.1.0, consider disabling the `gf svg delete attribute value` function as a temporary workaround until a patch is available.

Name of the Vulnerable Software and Affected Versions: gpac version 1.1.0 Description: A stack overflow issue exists via the `gf bifs dec proto list` function, causing a segmentation fault and application crash. Recommendations: For gpac version 1.1.0, consider disabling the `gf bifs dec proto list` function as a temporary workaround until a patch is available.

Name of the Vulnerable Software and Affected Versions: gpac version 1.1.0 Description: An invalid pointer reference issue exists via the `gf svg node del` function, causing a segmentation fault and application crash. Recommendations: For gpac version 1.1.0, consider avoiding the use of the `gf svg node del` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.

Name of the Vulnerable Software and Affected Versions: gpac version 1.1.0 Description: A null pointer dereference issue exists in the `lsr read id.part` function, causing a segmentation fault and application crash. Recommendations: For gpac version 1.1.0, consider disabling the `lsr read id.part` function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: gpac version 1.1.0 Description: An invalid free vulnerability exists via the `gf sg command del` function, which causes a segmentation fault and application crash. Recommendations: For gpac version 1.1.0, consider disabling the `gf sg command del` function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: gpac version 1.1.0 Description: A null pointer dereference issue exists via the `lsr read anim values ex` function, causing a segmentation fault and application crash. Recommendations: For gpac version 1.1.0, as a temporary workaround, consider disabling the `lsr read anim values ex` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: gpac version 1.1.0 Description: An invalid memory address dereference issue exists via the `svg node start` function, causing a segmentation fault and application crash. Recommendations: For gpac version 1.1.0, consider disabling the `svg node start` function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.

Name of the Vulnerable Software and Affected Versions: gpac version 1.1.0 Description: A Null Pointer Dereference issue exists in the `gf node get field` function, which can cause a segmentation fault and application crash. Recommendations: For gpac version 1.1.0, as a temporary workaround, consider disabling the `gf node get field` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.