Nicolas Delhaye

**Name of the Vulnerable Software and Affected Versions** Windows Mobile Broadband (affected versions not specified) **Description** A heap-based buffer overflow exists in the Windows Mobile Broadband driver. Exploitation of this issue could allow an unauthorized attacker to execute code. A physical attack is required for exploitation. The vulnerability allows an attacker to execute arbitrary code and affect the system. The entry point for exploitation involves the ability to send unsolicited events from a USB device to the host. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Bromium client versions 4.0.3.2060 through 4.1.7 Update 1 Description: The issue is caused by an out of bound read, resulting in a race condition that can lead to Kernel memory leaks or denial of service. Recommendations: For Bromium client versions 4.0.3.2060 through 4.1.7 Update 1, update to a version later than 4.1.7 Update 1 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Avira Free Antivirus version 15.0.1907.1514 **Description** The issue allows for local privilege escalation through the execution of kernel code from a restricted user. **Recommendations** For Avira Free Antivirus version 15.0.1907.1514, at the moment, there is no information about a newer version that contains a fix for this issue.