Donghyun Kim

**Name of the Vulnerable Software and Affected Versions** Toshiba Storage Security Software version 1.2.0.7413 **Description** The issue is related to an Improper Authentication vulnerability that allows sensitive information to be obtained via the local password authentication module. **Recommendations** For Toshiba Storage Security Software version 1.2.0.7413, consider disabling the local password authentication module until a patch is available. Restrict access to sensitive information to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** DaviewIndy versions 8.98.4 and earlier **Description** The issue is triggered when a user opens a malformed specific file that is mishandled by Daview.exe, leading to a heap-based overflow. This could allow attackers to exploit the issue and achieve arbitrary code execution. **Recommendations** For versions 8.98.4 and earlier, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** DaviewIndy versions 8.98.4 and earlier **Description** The issue is triggered when a user opens a malformed specific file that is mishandled by Daview.exe, leading to a heap-based overflow. This could allow attackers to exploit the issue and achieve arbitrary code execution. **Recommendations** For versions 8.98.4 and earlier, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.