Patrick William

**Name of the Vulnerable Software and Affected Versions** vBulletin versions 5.x through 5.1.6 **Description** The issue allows remote authenticated users to bypass authorization checks and inject private messages into conversations. This is due to an input validation failure. **Recommendations** For versions 5.x through 5.1.6, update to a version that contains a fix for this issue to prevent unauthorized access and private message injection.

**Name of the Vulnerable Software and Affected Versions** Exim versions prior to 4.83 **Description** The issue allows local users to gain privileges and execute arbitrary commands via a crafted lookup value. This is due to the expansion of mathematical comparisons twice in the expand.c file. **Recommendations** For versions prior to 4.83, update to version 4.83 or later to resolve the issue. As a temporary workaround, consider restricting access to the lookup value to minimize the risk of exploitation.