Luis Manuel Alvarez Tapia

**Name of the Vulnerable Software and Affected Versions** Polarion ALM versions prior to 2404.0 **Description** A vulnerability has been identified in the Apache Lucene based query engine of Polarion ALM, which lacks proper access controls. This could allow an authenticated user to query items beyond the user's allowed projects, potentially granting unauthorized access to restricted functions. **Recommendations** For versions prior to 2404.0, upgrade to the latest version to mitigate the risk associated with the improper access via the Query Engine. As a temporary workaround, consider restricting access to the query engine until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Android versions 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 **Description** A elevation of privilege vulnerability exists in the Android media framework, specifically in libstagefright. **Recommendations** For versions 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.