Corentin Bayet

**Name of the Vulnerable Software and Affected Versions** QNAP QTS versions prior to 5.1.9.2954 build 20241120 QNAP QTS versions prior to 5.2.2.2950 build 20241114 QNAP QuTS hero versions prior to h5.1.9.2954 build 20241120 QNAP QuTS hero versions prior to h5.2.2.2952 build 20241116 **Description** An improper authentication vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to compromise the security of the system. **Recommendations** For QNAP QTS versions prior to 5.1.9.2954 build 20241120, update to QTS 5.1.9.2954 build 20241120 or later. For QNAP QTS versions prior to 5.2.2.2950 build 20241114, update to QTS 5.2.2.2950 build 20241114 or later. For QNAP QuTS hero versions prior to h5.1.9.2954 build 20241120, update to QuTS hero h5.1.9.2954 build 20241120 or later. For QNAP QuTS hero versions prior to h5.2.2.2952 build 20241116, update to QuTS hero h5.2.2.2952 build 20241116 or later.

Name of the Vulnerable Software and Affected Versions: Oracle VM VirtualBox versions prior to 7.0.16 Description: The issue is related to the use of memory after it has been freed, which can allow an attacker to disclose protected information. A low-privileged attacker with logon access to the infrastructure where Oracle VM VirtualBox executes can exploit this issue to compromise Oracle VM VirtualBox. Successful attacks can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. Recommendations: For versions prior to 7.0.16, update to version 7.0.16 or later to resolve the issue. At the moment, there is no information about additional mitigation measures.

**Name of the Vulnerable Software and Affected Versions** Oracle VM VirtualBox versions prior to 7.0.16 **Description** The issue is related to a buffer overflow vulnerability in the Core component of Oracle VM VirtualBox, which can be exploited to execute arbitrary code and elevate privileges. This vulnerability can be easily exploited by a low-privileged attacker with logon access to the infrastructure where Oracle VM VirtualBox is executed, potentially leading to the compromise of Oracle VM VirtualBox and impacting additional products. **Recommendations** For versions prior to 7.0.16, update to version 7.0.16 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable Core component until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** Netatalk (affected versions not specified) **Description** This issue allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this issue. The specific flaw exists within the `dsi writeinit` function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this issue to execute code in the context of root. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** SMB and AFP (affected versions not specified) **Description** The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. By exploiting this combination of primitives, an attacker can execute arbitrary code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** VMware ESXi versions 7.0 before ESXi 7.0.0-1.20.16321839 VMware ESXi versions 6.7 before ESXi670-202004101-SG VMware ESXi versions 6.5 before ESXi650-202005401-SG VMware Workstation versions 15.x before 15.5.5 VMware Fusion versions 11.x before 11.5.5 **Description** The issue is related to an off-by-one heap-overflow vulnerability in the SVGA device, which can be exploited by a malicious actor with local access to a virtual machine with 3D graphics enabled, potentially allowing code execution on the hypervisor from a virtual machine. Exploitation requires additional conditions beyond the attacker's control. The vulnerability is also described as a buffer overflow in dynamic memory when processing SVGA3D commands. **Recommendations** For VMware ESXi versions 7.0 before ESXi 7.0.0-1.20.16321839, update to a version that includes the fix ESXi 7.0.0-1.20.16321839 or later. For VMware ESXi versions 6.7 before ESXi670-202004101-SG, apply the patch ESXi670-202004101-SG or later. For VMware ESXi versions 6.5 before ESXi650-202005401-SG, apply the patch ESXi650-202005401-SG or later. For VMware Workstation versions 15.x before 15.5.5, update to version 15.5.5 or later. For VMware Fusion versions 11.x before 11.5.5, update to version 11.5.5 or later.

**Name of the Vulnerable Software and Affected Versions** VMware ESXi versions 7.0 before ESXi 7.0.0-1.20.16321839 VMware ESXi versions 6.7 before ESXi670-202004101-SG VMware ESXi versions 6.5 before ESXi650-202005401-SG VMware Workstation versions 15.x before 15.5.5 VMware Fusion versions 11.x before 11.5.5 **Description** The issue is related to a use-after-free vulnerability in the SVGA device, specifically when handling the SVGA DXInvalidateContext command. This vulnerability can be exploited by a malicious actor with local access to a virtual machine that has 3D graphics enabled, potentially allowing them to execute code on the hypervisor from the virtual machine. **Recommendations** For VMware ESXi versions 7.0 before ESXi 7.0.0-1.20.16321839, update to ESXi 7.0.0-1.20.16321839 or later. For VMware ESXi versions 6.7 before ESXi670-202004101-SG, apply the ESXi670-202004101-SG patch. For VMware ESXi versions 6.5 before ESXi650-202005401-SG, apply the ESXi650-202005401-SG patch. For VMware Workstation versions 15.x before 15.5.5, update to version 15.5.5 or later. For VMware Fusion versions 11.x before 11.5.5, update to version 11.5.5 or later.