Any1

**Name of the Vulnerable Software and Affected Versions** Neat VNC versions prior to 0.9.6 **Description** A pre-authentication stack buffer overflow exists in the RSA-AES security type handler. An unauthenticated remote attacker can send a crafted security type 5 (RSA-AES) or security type 129 (RSA-AES-256) handshake containing an oversized client RSA public key. This causes the `rsa aes send challenge()` function in `src/auth/rsa-aes.c` to overflow a 1024-byte on-stack buffer during the encryption of the server challenge, leading to a denial of service via a server crash. **Recommendations** Update to version 0.9.6.

Name of the Vulnerable Software and Affected Versions: Intel(R) Iris(R) Xe MAX Dedicated Graphics Drivers for Windows 10 versions prior to 27.20.100.9466 Description: The issue is related to improper access control in the installer for some Intel(R) Iris(R) Xe MAX Dedicated Graphics Drivers for Windows 10, which may allow an authenticated user to potentially enable escalation of privilege via local access. Recommendations: For versions prior to 27.20.100.9466, update to version 27.20.100.9466 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Intel(R) Graphics Driver versions prior to 27.20.100.8336 Intel(R) Graphics Driver versions prior to 15.45.33.5164 Intel(R) Graphics Driver versions prior to 15.40.47.5166 Description: The issue is related to a use after free in some Intel(R) Graphics Driver, which may allow an authenticated user to potentially enable denial of service via local access. Recommendations: For versions prior to 27.20.100.8336, update to version 27.20.100.8336 or later. For versions prior to 15.45.33.5164, update to version 15.45.33.5164 or later. For versions prior to 15.40.47.5166, update to version 15.40.47.5166 or later.

**Name of the Vulnerable Software and Affected Versions** Intel Driver and Support Assistant versions prior to 20.1.5 **Description** The issue is caused by a race condition error when using a shared resource, potentially allowing an attacker to cause a denial of service. This can be exploited by an authenticated user via local access. **Recommendations** For versions prior to 20.1.5, update to version 20.1.5 or later to resolve the issue. As a temporary workaround, consider restricting local access to the Intel Driver and Support Assistant until a patch is applied.