Lxxxt

**Name of the Vulnerable Software and Affected Versions** code-projects Bus Reservation System version 1.0 **Description** A critical issue was found in the Login function of the Login Form component. The manipulation of the `Str1` argument leads to a buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. **Recommendations** As a temporary workaround, consider disabling the Login function until a patch is available. Restrict access to the Login Form component to minimize the risk of exploitation. Avoid using the `Str1` argument in the affected component until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** codeprojects Product Management System version 1.0 **Description** A vulnerability was found in the codeprojects Product Management System, classified as problematic. This issue affects some unknown processing of the component Login. The manipulation of the argument `Str1` leads to buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. **Recommendations** For codeprojects Product Management System version 1.0, as a temporary workaround, consider restricting access to the Login component until a patch is available. Avoid manipulating the `Str1` argument in the affected component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC10 version 16.03.10.13 **Description** A critical issue affects the `ShutdownSetAdd` function of the file `/goform/ShutdownSetAdd`. The manipulation of the argument list leads to a stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For Tenda AC10 version 16.03.10.13, as a temporary workaround, consider disabling the `ShutdownSetAdd` function until a patch is available. Restrict access to the `/goform/ShutdownSetAdd` file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.