Cathy Hu

**Name of the Vulnerable Software and Affected Versions** grub2 (affected versions not specified) **Description** The issue is related to grub2, where attackers with access to the grub shell can access files on encrypted disks. This is due to incorrectly used standard permissions. Exploitation of the issue may allow an attacker to bypass security restrictions and gain unauthorized access to protected information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux Kernel (affected versions not specified) **Description** The issue is related to a buffer copy without checking the size of input, which can lead to memory corruption. This can occur while loading firmware in the Linux Kernel. The exploitation of this issue may allow an attacker to execute arbitrary code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Apache Tika versions 1.x through 1.28.2 **Description** A denial of service issue exists due to a regular expression in the StandardsText class, used by the StandardsExtractingContentHandler, which can lead to backtracking on a specially crafted file. This issue only affects users running the StandardsExtractingContentHandler, a non-standard handler. **Recommendations** For Apache Tika versions 1.x through 1.28.2, update to version 1.28.3 to resolve the issue. As a temporary workaround, consider disabling the StandardsExtractingContentHandler until a patch is available.