Hellok

**Name of the Vulnerable Software and Affected Versions** GitLab versions 6.0 through 6.4 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via a crafted HTML file. This can be demonstrated by using a specially crafted README.html file. **Recommendations** For GitLab versions 6.0 through 6.4, update to version 6.5.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** QQPlayer version 3.2.845 **Description** A stack-based buffer overflow issue allows remote attackers to execute arbitrary code via a crafted `PnSize` value in a MOV file. **Recommendations** For QQPlayer version 3.2.845, update to a newer version that contains a fix for this issue.