Avinash Kumar

**Name of the Vulnerable Software and Affected Versions** AppSamvid (affected versions not specified) **Description** The issue is related to the use of a weaker cryptographic algorithm, specifically SHA1, in the user login component. An attacker with local administrative privileges could exploit this to obtain the password of AppSamvid on the targeted system. Successful exploitation could allow the attacker to take complete control of the application on the targeted system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** AppSamvid (affected versions not specified) **Description** The issue exists due to the usage of vulnerable and outdated components in the software. An attacker with local administrative privileges could exploit this by placing malicious DLLs on the targeted system. Successful exploitation could allow the attacker to execute arbitrary code on the targeted system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** HashiCorp Vault and Vault Enterprise versions prior to 1.8.0 HashiCorp Vault and Vault Enterprise versions 1.7.x prior to 1.7.4 HashiCorp Vault and Vault Enterprise versions 1.6.x prior to 1.6.6 **Description** The UI of HashiCorp Vault and Vault Enterprise erroneously cached and exposed user-viewed secrets between sessions in a single shared browser. **Recommendations** For versions prior to 1.8.0, update to version 1.8.0 or later. For versions 1.7.x, update to version 1.7.4 or later. For versions 1.6.x, update to version 1.6.6 or later.