Meng Xu

**Name of the Vulnerable Software and Affected Versions** libpcap (affected versions not specified) **Description** On Windows operating systems, a buffer overflow can occur when `libpcap` converts a Windows error message to UTF-8 if the message contains characters requiring 4 bytes in UTF-8 representation. The function `utf 16le to utf 8 truncated()` may write data beyond the allocated buffer size in such cases. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: vim version 9.1.0000 Description: A memory corruption issue exists in vim version 9.1.0000 due to the manipulation of the ` memmove avx unaligned erms` function within the `memmove-vec-unaligned-erms.S` file. The issue is exploitable locally. An exploit is publicly available. Some users report difficulty reproducing the issue when coloring is enabled. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: vim versions prior to 9.1.1616 Description: A security flaw exists in vim due to a buffer overflow in the `main` function of the `xxd.c` file within the `xxd` component. The vulnerability is locally exploitable. An exploit for this issue has been publicly released. Recommendations: Upgrade to version 9.1.1616.

**Name of the Vulnerable Software and Affected Versions** FreeBSD versions prior to 11.1 **Description** The issue is related to a race condition in the smb strdupin function, located in sys/netsmb/smb subr.c, which can cause an out-of-bounds read. This occurs because the function may result in t2p->t name strings lacking a final '0' character. **Recommendations** For versions prior to 11.1, update to a version that includes the fix for this issue to prevent potential exploitation.