Linux · Linux Kernel · CVE-2023-3161
**Name of the Vulnerable Software and Affected Versions**
Linux Kernel (affected versions not specified)
**Description**
A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. The issue is related to the `fbcon_set_font()` function, which is vulnerable to an integer overflow due to a lack of bounds checking. This can occur when `font->width` and `font->height` values greater than 32 are provided to `fbcon_set_font()`, leading to a shift-out-of-bounds and resulting in undefined behavior. This could potentially allow an attacker to impact the confidentiality, integrity, and availability of protected information, and may lead to a denial of service.
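The class of check the description says is missing, as an added user-space example (not kernel code and not the upstream patch): a font dimension is range-checked before it is used as a shift count. The `font_desc` struct, the 32-bit capability masks `caps_x`/`caps_y` and the function names are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for a font descriptor; only the fields named above. */
struct font_desc {
    unsigned int width;
    unsigned int height;
};

#define MASK_BITS 32u  /* assumed width of the capability masks below */

/*
 * True only if the dimension fits as a bit position in a 32-bit mask AND
 * that bit is set. The range check runs first, so the shift count (dim - 1)
 * is always 0..31 and the shift is well defined in C.
 */
static bool dim_supported(unsigned int dim, uint32_t caps)
{
    if (dim == 0 || dim > MASK_BITS)
        return false;               /* would shift out of bounds */
    return (caps & (UINT32_C(1) << (dim - 1))) != 0;
}

/* Validate both dimensions before any further use of the font. */
bool font_dims_ok(const struct font_desc *font, uint32_t caps_x, uint32_t caps_y)
{
    return dim_supported(font->width, caps_x) &&
           dim_supported(font->height, caps_y);
}

int main(void)
{
    /* Constructed sample: widths 8 and 16 accepted, heights 8, 16 and 32. */
    uint32_t caps_x = (UINT32_C(1) << 7) | (UINT32_C(1) << 15);
    uint32_t caps_y = caps_x | (UINT32_C(1) << 31);
    struct font_desc samples[] = { {8, 16}, {16, 32}, {33, 16}, {8, 64}, {0, 8} };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%ux%u -> %s\n", samples[i].width, samples[i].height,
               font_dims_ok(&samples[i], caps_x, caps_y) ? "accepted" : "rejected");
    return 0;
}
```

Without the range check, a width of 33 or a height of 64 would reach the shift with a count of 32 or more, which is undefined behavior on a 32-bit operand.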
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.