Jiayu Zhao

**Name of the Vulnerable Software and Affected Versions** Xpdf version 4.04 **Description** An issue was discovered that causes a crash in the `gfseek( IO FILE*, long, int)` function in the `goo/gfile.cc` file. **Recommendations** For Xpdf version 4.04, as a temporary workaround, consider disabling the `gfseek()` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Bento4 version 1.6.0-639 **Description** A memory leak issue exists in the `AP4 StdcFileByteStream::Create` function, specifically in the `System/StdC/Ap4StdCFileByteStream.cpp` file. This issue can lead to memory exhaustion if exploited. **Recommendations** For Bento4 version 1.6.0-639, consider restricting access to the `AP4 StdcFileByteStream::Create` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.