Hector Peralta

**Name of the Vulnerable Software and Affected Versions** Skype for Consumer (affected versions not specified) **Description** The issue is related to insufficient input validation, allowing a remote attacker to execute arbitrary code. Exploitation may require user action, such as visiting a malicious page. The estimated number of potentially affected devices worldwide is not provided. There is no information about real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Asana Desktop versions prior to 1.6.0 **Description** The issue allows remote attackers to exfiltrate local files if they can trick the Asana desktop app into loading a malicious web page. **Recommendations** For versions prior to 1.6.0, update to version 1.6.0 or later to resolve the issue.