Hackingbydoing

**Name of the Vulnerable Software and Affected Versions** Windscribe versions prior to 2.18.3-alpha and prior to 2.18.8 **Description** A command injection issue exists in Windscribe for Linux Desktop App. A local user who is a member of the windscribe group can execute arbitrary commands as root. This is possible through the `adapterName` parameter of the `changeMTU()` function. **Recommendations** Update to Windscribe version 2.18.3-alpha or later. Update to Windscribe version 2.18.8 or later.

**Name of the Vulnerable Software and Affected Versions** duc (affected versions not specified) **Description** A stack buffer overflow exists in the `buffer get` function of duc, a disk management tool. A condition can evaluate to true due to underflow, leading to an out-of-bounds read. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.