Karan Bamal

Name of the Vulnerable Software and Affected Versions: Visual Studio (affected versions not specified) Description: The issue is related to an elevation of privilege vulnerability in the Visual Studio installer, which is associated with an uncontrolled search path element. Exploitation of this issue may allow an attacker to elevate their privileges. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Samsung Portable SSD for T5 version 1.6.10 **Description** An issue was discovered in the installer of Samsung Portable SSD for T5 on Windows, allowing an attacker to tamper with the directory and DLL files used during the installation process. This can lead to privilege escalation through arbitrary code execution, but the attacker must already have user privileges. **Recommendations** For Samsung Portable SSD for T5 version 1.6.10, consider updating to a newer version that addresses this issue, as no specific fix is provided for this version. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Logitech Options (affected versions not specified) **Description** An issue was discovered in the OAuth 2.0 implementation, where the `state` parameter was not properly validated. This leaves applications vulnerable to Cross-Site Request Forgery (CSRF) attacks during authentication and authorization operations. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Logitech Sync for Windows versions prior to 2.4.574 **Description** The issue is related to a Time-of-check Time-of-use (TOCTOU) Race Condition, which may allow escalation of permission to the system user if successfully exploited. **Recommendations** For versions prior to 2.4.574, update to version 2.4.574 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** reportlab versions prior to the version with the fix **Description** The issue is related to Server-side Request Forgery (SSRF) via img tags. It allows a remote attacker to access confidential data due to insufficient request validation. To reduce the risk, using trustedSchemes and trustedHosts as specified in Reportlab's documentation is recommended. The vulnerability can be exploited by injecting an img tag with a malicious src attribute into a text file that is converted to PDF. This can be demonstrated by following specific steps, including downloading and installing the latest package of reportlab, injecting a malicious img tag into a text file, and creating a netcat listener to capture the server-side request. **Recommendations** To resolve the issue, use trustedSchemes and trustedHosts as specified in Reportlab's documentation for all versions of reportlab prior to the version with the fix. As a temporary workaround, consider restricting the use of img tags in reportlab until a patch is available. Avoid using untrusted sources for img tags in reportlab to minimize the risk of exploitation.