Firmianayo

**Name of the Vulnerable Software and Affected Versions** TscanCode tsclua version 2.15.01 **Description** A vulnerability in the lua parser of TscanCode tsclua allows attackers to cause a Denial of Service (DoS) via a crafted lua script. **Recommendations** For TscanCode tsclua version 2.15.01, consider disabling the lua parser functionality until a patch is available to prevent Denial of Service (DoS) attacks.

**Name of the Vulnerable Software and Affected Versions** GVRET Stable Release as of Aug 15, 2015 **Description** The issue is related to a buffer overflow that occurs via the `handleConfigCmd` function at `SerialConsole.cpp`. This allows for potential exploitation. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** For GVRET Stable Release as of Aug 15, 2015, consider disabling the `handleConfigCmd` function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TripleCross version 0.1.0 **Description** A segmentation fault occurs when sending a control command from the client to the server. This issue arises because there is no limit to the length of the output of the executed command. **Recommendations** For TripleCross version 0.1.0, consider implementing a limit to the length of the output of the executed command to prevent the segmentation fault. As a temporary workaround, restrict the use of control commands from the client to the server until a proper fix is applied.

**Name of the Vulnerable Software and Affected Versions** TripleCross version 0.1.0 **Description** The issue is related to a stack overflow that occurs due to the lack of a limit on the length of program parameters. **Recommendations** For TripleCross version 0.1.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** gps-sdr-sim version 1.0 **Description** The issue is related to a buffer overflow that occurs when parsing long command line parameters. This can potentially lead to Denial of Service (DoS) or code execution. **Recommendations** For gps-sdr-sim version 1.0, consider restricting the length of command line parameters to prevent the buffer overflow until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.