Michal

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A NULL pointer dereference occurs when reading portli debugfs files. This issue arises when the number of port registers counted in `xhci->max ports` exceeds the ports reported by Supported Protocol capabilities, which can happen if `max ports` is greater than the maximum port number or if gaps exist between ports of different speeds. In these scenarios, `port->rhub` becomes NULL, preventing access to the xhci structure. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Stackposts Social Marketing Tool (affected versions not specified) **Description** The issue allows for a Cross-site Scripting (XSS) attack due to improper neutralization of input during web page generation. This can be exploited by submitting a payload in the `username` during registration, which can then be executed later in the application panel, potentially leading to unauthorized acquisition of information, such as cookies from a logged-in user. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Thunderbird versions prior to 91.10 Firefox versions prior to 101 Firefox ESR versions prior to 91.10 **Description** The issue is related to a timing attack that could be exploited by sending a large number of allowCredential entries, allowing an attacker to detect the difference between invalid key handles and cross-origin key handles. This could lead to cross-origin account linking, violating WebAuthn goals. The vulnerability is also related to the implementation of the CORS mechanism in browsers, which could allow a remote attacker to bypass security restrictions and gain unauthorized access to protected information. **Recommendations** For Thunderbird versions prior to 91.10, update to version 91.10 or later. For Firefox versions prior to 101, update to version 101 or later. For Firefox ESR versions prior to 91.10, update to version 91.10 or later.