Kas Dekel

**Name of the Vulnerable Software and Affected Versions** Windows Virtualization-Based Security (VBS) Enclave (affected versions not specified) **Description** A heap-based buffer overflow exists within the Windows Virtualization-Based Security (VBS) Enclave component. This condition allows a locally authorized attacker to gain elevated privileges on the system. The issue involves a flaw that can be exploited to affect system security. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Kubernetes secrets-store-sync-controller versions prior to 0.0.2 **Description** The Kubernetes `secrets-store-sync-controller` discloses service account tokens in logs. **Recommendations** Update to version 0.0.2 or later.