Ccccgb

**Name of the Vulnerable Software and Affected Versions** swftools version 0.9.2 **Description** The issue is related to a Stack Buffer Underflow in the `dict foreach keyvalue` function located at `swftools/lib/q.c`. This can potentially lead to a denial of service. **Recommendations** For swftools version 0.9.2, consider disabling the `dict foreach keyvalue` function as a temporary workaround until a patch is available. Restrict access to the `swftools/lib/q.c` module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** swftools version 0.9.2 **Description** The issue is related to a heap-use-after-free in the `bufferWriteData` function located in `swftools/lib/action/compile.c`. This allows for unauthorized access. BrazenBamboo has been found to exploit this issue to steal VPN credentials. **Recommendations** For swftools version 0.9.2, consider disabling the `bufferWriteData` function in `swftools/lib/action/compile.c` as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** openvswitch version 2.17.8 **Description** The issue is related to a memory leak in the `xmalloc ` function in `openvswitch-2.17.8/lib/util.c`. This memory leak is associated with errors in memory release. Exploitation of this issue may allow a remote attacker to cause a denial of service. **Recommendations** For openvswitch version 2.17.8, consider restricting the use of the `xmalloc ` function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.