Poplix

**Name of the Vulnerable Software and Affected Versions** Chicken of the VNC (cotv) version 2.0 **Description** The issue allows remote attackers to cause a denial of service, resulting in an application crash. This is achieved by sending a ServerInit packet with a large computer-name size value, which triggers a failed malloc and a resulting NULL dereference. **Recommendations** For Chicken of the VNC (cotv) version 2.0, consider restricting access to the ServerInit packet to minimize the risk of exploitation until a patch is available.

**Name of the Vulnerable Software and Affected Versions** D-LINK DWL-2000AP+ firmware 2.11 **Description** The issue allows remote attackers to cause a denial of service, resulting in either a device reset or crash, by flooding the device with ARP replies or requests on the wired or wireless link. **Recommendations** For D-LINK DWL-2000AP+ firmware 2.11, consider restricting access to the device to minimize the risk of exploitation, and apply configuration changes to limit the impact of ARP floods.

Name of the Vulnerable Software and Affected Versions: easy notesManager (eNM) version 0.0.1 Description: The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via two methods: (1) the `username` parameter in the "login.php" endpoint, and (2) by performing a search on the "search page." Recommendations: For easy notesManager (eNM) version 0.0.1, consider restricting access to the `login.php` endpoint and limiting the functionality of the search feature on the "search page" to minimize the risk of exploitation. Avoid using the `username` parameter in the login endpoint until the issue is resolved.