Shadowbyte1

**Name of the Vulnerable Software and Affected Versions** Prometheus versions prior to 3.5.3 Prometheus versions prior to 3.11.3 **Description** Prometheus is an open-source monitoring system and time series database. The remote read endpoint "/api/v1/read" fails to validate the declared decoded length in a snappy-compressed request body before allocating memory. An unauthenticated attacker can send a small payload to trigger a large heap allocation per request, which can exhaust available memory and crash the process under concurrent load. **Recommendations** Update to version 3.5.3. Update to version 3.11.3.

**Name of the Vulnerable Software and Affected Versions** Codazon Magento Themes versions 1.1.0.0 through 2.4.7 **Description** A reflected cross-site scripting (XSS) issue exists in Codazon Magento Themes. This allows attackers to execute arbitrary Javascript within a user's browser by injecting a crafted payload into the `cat` parameter. The attack is reflected, meaning the malicious script is executed when a user interacts with a specially crafted link. **Recommendations** Update Codazon Magento Themes to a version later than 2.4.7.

**Name of the Vulnerable Software and Affected Versions** Neto CMS versions 6.313.0 through 6.314.0 **Description** A CRLF injection flaw exists in Neto CMS. This issue allows attackers to potentially execute arbitrary code by submitting a specially crafted HTTP request. The vulnerability is due to insufficient input validation, specifically regarding carriage return and line feed characters. **Recommendations** Update Neto CMS to a version newer than 6.314.0.

**Name of the Vulnerable Software and Affected Versions** podofo versions 0.10.0 through 0.10.5 **Description** A heap-use-after-free issue exists in the `PdfTokenizer::ReadDictionary` function. This allows attackers to potentially cause a Denial of Service (DoS) by providing a specially crafted PDF file. **Recommendations** Update podofo to a version newer than 0.10.5.

**Name of the Vulnerable Software and Affected Versions** Poppler versions 24.06.1 through 25.04.0 **Description** The software is susceptible to a stack consumption issue leading to a SIGSEGV signal. This occurs when processing PDF documents containing deeply nested structures within their metadata, such as the `GTS PDFEVersion` field. The issue is present in functions including `Dict::lookup`, `Catalog::getMetadata`, and related functions within `PDFDoc`, specifically due to deep recursion in the regular expression executor (`std:: detail:: Executor`). **Recommendations** Update to version 25.04.0 or later.

**Name of the Vulnerable Software and Affected Versions** Vehicle Management System versions 1.0 through 1.3 **Description** The issue concerns a SQL injection vulnerability. A guest user can exploit vulnerable POST parameters in various administrative actions, such as booking a vehicle or confirming a booking. The affected parameters include `Booking ID`, `Action Name`, and `Payment Confirmation ID`, which are present in "/newvehicle.php" and "/newdriver.php". **Recommendations** For Vehicle Management System versions 1.0 through 1.3, consider disabling the vulnerable parameters `Booking ID`, `Action Name`, and `Payment Confirmation ID` in the affected API endpoints "/newvehicle.php" and "/newdriver.php" until a patch is available. Restrict access to these endpoints to minimize the risk of exploitation. Avoid using the vulnerable parameters in administrative actions until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Vehicle Management System version 1.0 **Description** The issue is a Stored Cross-Site Scripting (XSS) vulnerability in the `Name` parameter of the "/vehicle-management/booking.php" API endpoint. This allows for malicious scripts to be stored and executed on the system. **Recommendations** For Vehicle Management System version 1.0, consider disabling the `Name` parameter in the "/vehicle-management/booking.php" API endpoint until a patch is available. Restrict access to this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Car Rental Management System versions 1.0 through 1.3 **Description** The issue allows attackers to execute arbitrary code via uploading a crafted file, exploiting an authenticated arbitrary file upload vulnerability. **Recommendations** For versions 1.0 through 1.3, consider disabling the file upload feature until a patch is available to prevent exploitation. Restrict access to the file upload module to minimize the risk of arbitrary code execution. Avoid using the file upload functionality in the affected system until the issue is resolved.