Jan Iankko Lieskovsky

**Name of the Vulnerable Software and Affected Versions** OpenVAS Manager version 2.0.3 **Description** The issue allows for remote code execution through plugins. **Recommendations** For OpenVAS Manager version 2.0.3, consider disabling plugin functionality until a patch is available. Restrict access to the plugin interface to minimize the risk of exploitation. Avoid using the plugin feature in the affected version until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** HTML-Parser versions prior to 3.63 **Description** The issue allows context-dependent attackers to cause a denial of service, specifically an infinite loop, by providing an incomplete SGML numeric character reference. This triggers the generation of an invalid UTF-8 character through the decode entities function in util.c. **Recommendations** For versions prior to 3.63, update to version 3.63 or later to resolve the issue.