King

**Name of the Vulnerable Software and Affected Versions** Pricing Deals for WooCommerce WordPress plugin versions 2.0.2.02 and earlier **Description** The issue arises from the plugin's failure to properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection. **Recommendations** For Pricing Deals for WooCommerce WordPress plugin versions 2.0.2.02 and earlier, update to a version later than 2.0.2.02 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** vim versions prior to 8.0.0377 **Description** The issue arises from an integer overflow at a u read undo memory allocation site. This occurs when vim does not properly validate values for tree length while reading a corrupted undo file, potentially leading to buffer overflows. **Recommendations** For versions prior to 8.0.0377, update to a version that includes patch 8.0.0377 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** vim versions prior to 8.0.0378 **Description** The issue arises from an integer overflow at an unserialize uep memory allocation site. This occurs when vim does not properly validate values for tree length while reading a corrupted undo file, potentially leading to buffer overflows. **Recommendations** For versions prior to 8.0.0378, update to version 8.0.0378 or later to resolve the issue. As a temporary workaround, consider avoiding the use of corrupted undo files until a patch is applied. Restrict access to potentially malicious undo files to minimize the risk of exploitation.