Jack

**Name of the Vulnerable Software and Affected Versions** MyASUS (affected versions not specified) **Description** An issue involving insecure storage of sensitive keys was identified in MyASUS. This could potentially allow an unauthorized actor to obtain a token used for communication with certain services. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 13 **Description** The issue was addressed with improved memory handling. Processing a maliciously crafted gcx file may lead to unexpected app termination or arbitrary code execution. **Recommendations** For versions prior to 13, update to macOS Ventura 13 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** eNdonesia version 8.4 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `loc id` parameter in a `list events` action to `mod.php`. **Recommendations** For version 8.4, avoid using the `loc id` parameter in the `list events` action to `mod.php` until the issue is resolved. Consider restricting access to the Calendar module to minimize the risk of exploitation.