Vvx7

**Name of the Vulnerable Software and Affected Versions** Flipper Zero versions prior to 0.65.2 **Description** A buffer overflow in the `nfc device load mifare ul data` component allows attackers to cause a Denial of Service (DoS) via a crafted NFC file. **Recommendations** For versions prior to 0.65.2, update to version 0.65.2 or later to resolve the issue. As a temporary workaround, consider restricting the use of NFC files to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Node versions 18.7.0 **Description** The issue is related to the llhttp parser in the http module, which does not correctly handle header fields that are not terminated with CLRF, potentially resulting in HTTP Request Smuggling. There is also a mention of a vulnerability in the SINEC INS software related to bypassing the authentication mechanism, allowing a remote attacker to execute arbitrary code. **Recommendations** For Node version 18.7.0, update to a newer version to mitigate the risk of HTTP Request Smuggling. As a temporary workaround, consider restricting the handling of header fields that are not terminated with CLRF until a patch is available.