Victor

Name of the Vulnerable Software and Affected Versions: Windows Remote Desktop Services (affected versions not specified) Description: The issue is related to the use of insecure mechanisms for handling authentication data in the operating system's memory. It allows a remote attacker to execute arbitrary code. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FrozenNode Laravel-Administrator versions 5.0.12 and earlier **Description** The issue allows unrestricted file upload and consequently Remote Code Execution via the "admin/tips image/image/file upload" API endpoint, where an attacker can upload a GIF image with PHP content and a .php extension. The product is discontinued. **Recommendations** For versions 5.0.12 and earlier, as a temporary workaround, consider disabling the `admin/tips image/image/file upload` endpoint until a patch is available. Restrict access to this endpoint to minimize the risk of exploitation. Avoid using this endpoint with untrusted input until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.