Jaenact

**Name of the Vulnerable Software and Affected Versions** AIS-catcher versions prior to 0.64 **Description** AIS-catcher is a multi-platform AIS receiver. A heap buffer overflow exists in the `AIS::Message` class. This allows an attacker to write approximately 1KB of arbitrary data into a 128-byte buffer. The issue allows attackers to exploit memory management errors, potentially executing arbitrary code or causing system crashes. **Recommendations** Update to version 0.64 or later.

**Name of the Vulnerable Software and Affected Versions** AIS-catcher versions prior to 0.64 **Description** AIS-catcher, a multi-platform AIS receiver, contains a flaw in its MQTT parsing logic. An integer underflow can be triggered by sending a crafted MQTT packet with a modified Topic Length field. This can cause a significant Heap Buffer Overflow, resulting in a Denial of Service (DoS). When used as a library, this can also lead to severe Memory Corruption, potentially enabling Remote Code Execution (RCE). The issue is related to the parsing of the `Topic Length` field within MQTT packets. **Recommendations** Update to version 0.64 or later.