Sae-As-Me

**Name of the Vulnerable Software and Affected Versions** HDF5 versions up to 1.14.6 **Description** A problematic issue has been identified, affecting the `H5MM realloc` function in the file `src/H5MM.c`. The manipulation of the `mem` argument leads to a double free condition. This issue can be exploited locally. **Recommendations** For HDF5 versions up to 1.14.6, consider applying a patch or fix that addresses the double free condition in the `H5MM realloc` function. As a temporary workaround, restrict the use of the `H5MM realloc` function to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Open Asset Import Library Assimp version 5.4.3 Description: A critical issue was found in the Open Asset Import Library Assimp, affecting the `Assimp::MD3Importer::ValidateSurfaceHeaderOffsets` function of the `MD3Loader.cpp` file in the File Handler component. This issue leads to a heap-based buffer overflow. The attack must be launched locally. Recommendations: For Open Asset Import Library Assimp version 5.4.3, as a temporary workaround, consider disabling the `Assimp::MD3Importer::ValidateSurfaceHeaderOffsets` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.