Halil Oktay

**Name of the Vulnerable Software and Affected Versions** QEMU (affected versions not specified) **Description** A flaw exists in QEMU where a specifically designed VMDK image can cause an out-of-bounds read. This could result in a leak of up to 12 bytes of sensitive information or a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MongoDB C driver (affected versions not specified) **Description** A compromised third-party cloud server or a man-in-the-middle attacker could send a malformed HTTP response, leading to a crash in applications utilizing the MongoDB C driver. The issue involves a heap-buffer-over-read in the ` mongoc http send` function, specifically due to the use of `strstr` on a non-null-terminated buffer. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.