Peter Kasza

**Name of the Vulnerable Software and Affected Versions** Achat version 0.150 **Description** A stack-based buffer overflow exists in the default configuration. By sending a specially crafted message to the UDP port 9256, an attacker can overwrite the structured exception handler (SEH) due to insufficient bounds checking on user-supplied input, leading to remote code execution. **Recommendations** Update Achat to a version beyond 0.150.

**Name of the Vulnerable Software and Affected Versions** mini httpd versions 1.21 and earlier **Description** The issue allows remote attackers to obtain sensitive information from process memory via an HTTP request with a long protocol string. This occurs because the long protocol string triggers an incorrect response size calculation and an out-of-bounds read. **Recommendations** For mini httpd versions 1.21 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.