Crispy-Fried-Chicken

**Name of the Vulnerable Software and Affected Versions** radare2 version 5.8.8 **Description** The issue allows an attacker to execute arbitrary code via the `name`, `type`, or `group` fields. This is a result of a buffer overflow weakness in the software. **Recommendations** For radare2 version 5.8.8, consider disabling the functionality that uses the `name`, `type`, or `group` fields until a patch is available. Restrict access to the vulnerable components to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** radare2 version 5.8.8 **Description** The issue allows an attacker to execute arbitrary code via the `parse die` function. This is a buffer overflow vulnerability that can be exploited to gain unauthorized access and execute malicious code. **Recommendations** For radare2 version 5.8.8, as a temporary workaround, consider disabling the `parse die` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** nodemcu versions prior to 3.0.0-release 20240225 **Description** The issue is related to an integer overflow in the `getnum` function located at `/modules/struct.c`. This overflow can be exploited, potentially leading to unintended behavior. No information is provided about the estimated number of affected devices or real-world incidents. **Recommendations** For versions prior to 3.0.0-release 20240225, update to version 3.0.0-release 20240225 or later to resolve the issue. As a temporary workaround, consider restricting access to the `getnum` function until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** SunBK201 umicat versions 0.3.2 and earlier **Description** The issue allows an attacker to execute arbitrary code via the `power(uct int t x, uct int t n)` function in `src/uct upstream.c`. This can be exploited to perform local network attacks. **Recommendations** For versions 0.3.2 and earlier, upgrade to version 0.3.3 to mitigate the risk. As a temporary workaround, consider disabling the `power()` function in `src/uct upstream.c` until a patch is available.

Name of the Vulnerable Software and Affected Versions: PHP versions 8.1.* through 8.1.30 PHP versions 8.2.* through 8.2.25 PHP versions 8.3.* through 8.3.13 Description: The issue is related to the ldap escape() function in PHP, which can cause an integer overflow when given uncontrolled long string inputs on 32-bit systems, resulting in an out-of-bounds write. This can allow a remote attacker to cause a denial of service. The estimated number of potentially affected devices worldwide is over 700,000 instances. Recommendations: For PHP versions 8.1.* through 8.1.30, update to version 8.1.31 or later. For PHP versions 8.2.* through 8.2.25, update to version 8.2.26 or later. For PHP versions 8.3.* through 8.3.13, update to version 8.3.14 or later. As a temporary workaround, consider disabling the `ldap escape()` function until a patch is available.