Micromilo

**Name of the Vulnerable Software and Affected Versions** jarun nnn versions up to 5.1 **Description** A security issue exists in jarun nnn that can lead to a double free. The impacted element is the `show content in floating window/run cmd as plugin` function within the `nnn/src/nnn.c` file. An attacker must have local access to exploit this issue. **Recommendations** Install the patch with identifier 2f07ccdf21e705377862e5f9dfa31e1694979ac7 to address this issue.

**Name of the Vulnerable Software and Affected Versions** mrubyc versions prior to 3.4 **Description** A security issue exists in mrubyc. The `mrbc raw realloc` function within the `src/alloc.c` file is susceptible to a null pointer dereference when the `ptr` argument is manipulated. This requires local access to exploit. **Recommendations** Implement the patch 009111904807b8567262036bf45297c3da8f1c87 to correct this issue.

**Name of the Vulnerable Software and Affected Versions** scipopt scip versions up to 9.2.1 **Description** A vulnerability has been found in the function `main` of the file `examples/LOP/src/genRandomLOPInstance.c` of the component File Descriptor Handler. The manipulation of the argument `File` leads to uncontrolled file descriptor consumption. Local access is required to approach this attack. **Recommendations** For scipopt scip versions up to 9.2.1, upgrade to version 9.2.2 to address this issue. As a temporary workaround, consider restricting access to the vulnerable component File Descriptor Handler until the upgrade is applied.

**Name of the Vulnerable Software and Affected Versions** RefindPlus versions 0.14.2.AB **Description** A vulnerability was found in RefindPlus, classified as problematic. The issue affects the `GetDebugLogFile` function of the file Library/MemLogLib/BootLog.c, leading to a null pointer dereference. Local attack is required to exploit this issue. **Recommendations** For version 0.14.2.AB, apply the patch identified as d2143a1e2deefddd9b105fb7160763c4f8d47ea2 to fix this issue. As a temporary workaround, consider disabling the `GetDebugLogFile` function until the patch is applied.

**Name of the Vulnerable Software and Affected Versions** RefindPlus versions 0.14.2.AB **Description** A vulnerability was found in RefindPlus, affecting the `InternalApfsTranslateBlock` function of the file Library/RP ApfsLib/RP ApfsIo.c. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. **Recommendations** To fix this issue, apply the patch named 4d35125ca689a255647e9033dd60c257d26df7cb. As a temporary workaround, consider disabling the `InternalApfsTranslateBlock` function until the patch is applied.