Louiselalanne

**Name of the Vulnerable Software and Affected Versions** Moderna Sistemas ModernaNet Hospital Management System version 2024 **Description** The system is susceptible to an issue that allows unauthorized access to sensitive medical information. This is due to the handling of user data access through the "/Modernanet/LAUDO/LAU0000100/Laudo?id=" API endpoint. By manipulating the `id` parameter, an attacker can gain access to sensitive information. **Recommendations** For Moderna Sistemas ModernaNet Hospital Management System version 2024, consider restricting access to the "/Modernanet/LAUDO/LAU0000100/Laudo?id=" API endpoint to minimize the risk of exploitation. Avoid using the `id` parameter in this endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Miro Desktop version 0.8.18 **Description** The issue is related to incorrect code generation management in the Miro digital collaboration platform on macOS, which may allow a remote attacker to execute arbitrary code. The exploitation involves a complex series of steps, including bypassing a kTCCServiceSystemPolicyAppBundles requirement via a file copy, an app.app/Contents rename, an asar modification, and a rename back to app.app/Contents. This might be usable in some environments. **Recommendations** For Miro Desktop version 0.8.18, consider disabling the Electron code injection functionality until a patch is available. Restrict access to the app.app/Contents directory to minimize the risk of exploitation. Avoid using the asar modification feature in the affected version until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** XMachOViewer version 0.04 **Description** A dylib injection issue allows attackers to compromise integrity by injecting unauthorized code into the product's processes. This could potentially lead to remote control and unauthorized access to sensitive user data. **Recommendations** For XMachOViewer version 0.04, at the moment, there is no information about a newer version that contains a fix for this vulnerability.