The vulnerability of PDF document viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the ability to read data beyond the buffer in memory, allowing attackers to disclose protected information.

The vulnerability of PDF document viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the reading of data beyond the buffer boundaries during file processing for PRC formats. Exploiting this vulnerability can allow attackers to disclose protected...

Efficient Unlearning with Privacy Guarantees

Privacy protection laws, such as the GDPR, grant individuals the right to request the forgetting of their personal data not only from databases but also from machine learning ML models trained on them. Machine unlearning has emerged as a practical means to facilitate model forgetting of data...

The vulnerability of the XML Services component of the Oracle BI Publisher software allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the XML Services component of the Oracle BI Publisher software for creating reports is related to insufficient protection of operational data. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of Google Chrome and Microsoft Edge browsers allows attackers to circumvent security restrictions and gain unauthorized access to protected information.

The vulnerability of Google Chrome and Microsoft Edge browsers is related to the use of unreliable input data during security decision-making. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain unauthorized access to protected information by downloadin...

The vulnerability of the FreeScout support service management system, related to incorrect authorization, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the FreeScout support service management system is related to improper authorization. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to protected information...

The vulnerability of Documino’s automation platform for electronic document processing allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Documino automation platform for electronic document processing involves bypassing authentication due to a fundamental flaw. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...

The vulnerability of the IBM Storage Protect (formerly IBM Spectrum Protect) software platform’s server allows a hacker to circumvent security restrictions and gain unauthorized access to protected information.

The vulnerability of the IBM Storage Protect formerly IBM Spectrum Protect software platform’s server lies in the lack of authentication for a critical function. Exploiting this vulnerability allows an attacker to bypass security restrictions and gain unauthorized access to protected information...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to reading data beyond the buffer in memory, allows attackers to circumvent ASLR protection and gain unauthorized access to protected information.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to reading data outside the buffer in memory. Exploiting this vulnerability can allow an attacker to bypass ASLR protection and gain unauthorized access to protected information...

The vulnerability of the Citrix ADC application delivery controller (formerly Citrix NetScaler Application Delivery Controller) and the Citrix Gateway virtual environment access control system (formerly Citrix NetScaler Gateway) relates to the occurrence of operations outside the buffer in memory. This vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Citrix ADC application delivery controller formerly Citrix NetScaler Application Delivery Controller and the Citrix Gateway virtual environment access control system formerly Citrix NetScaler Gateway is related to an operation that goes beyond the buffer in memory...

The vulnerability of hybrid cloud solutions for managing thin clients in the Dell Wyse Management Suite arises from incorrect restrictions on path names to the catalog. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the hybrid cloud solution for managing thin clients in the Dell Wyse Management Suite is related to an incorrect limitation on the path name to the catalog. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protect...

The vulnerability of the miEnumattr() function in the fs/ntfs3/record.c module of the Linux file system allows a attacker to access protected information or cause service failures.

The vulnerability of the miEnumattr function in the fs/ntfs3/record.c module of the Linux file system support module is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain access to protected information or cause service failures...

The vulnerability of the Apache Answer Q&A platform, related to the return of references to protected data from a public method, allows a violator to execute arbitrary code.

The vulnerability of the Apache Answer Q&A platform relates to the return of references to protected data from a public method. Exploiting this vulnerability could allow an attacker operating remotely to execute arbitrary code...

The vulnerability of the blkTraceRemoveQueue() function in the kernel/trace/blktrace.c module, which supports kernel tracing in Linux operating systems, allows a hacker to gain access to protected information.

The vulnerability of the blkTraceRemoveQueue function in the kernel/trace/blktrace.c module, which supports kernel tracing in Linux operating systems, is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to gain access to protected...

The vulnerability of the software for configuring and setting up devices of the UR series from GE Vernova Enervista UR Setup lies in the use of rigidly encrypted credentials. This allows a malicious individual to influence the integrity of the protected information.

The vulnerability of the software for configuring and setting up devices of the Universal Relay UR series from GE Vernova Enervista UR Setup lies in the use of rigidly encrypted credentials. Exploiting this vulnerability could allow an attacker to influence the integrity of the protected...

The vulnerability of the fsl_ifc_ctrl_remove() function in the drivers/memory/fsl_ifc.c module of the Linux kernel allows a attacker to compromise the confidentiality and accessibility of protected information.

The vulnerability of the fslifcctrlremove function in the drivers/memory/fslifc.c module of the Linux kernel is related to improper memory release before deleting the last reference „memory leak“. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and...

Vulnerability of the sja1105_setup() function in the drivers/net/dsa/sja1105/sja1105_main.c module – the Linux kernel’s NXP SJA1105 switch support driver allows a hacker to gain access to protected information.

Vulnerability of the sja1105setup function in the drivers/net/dsa/sja1105/sja1105main.c module – The Linux operating system’s NXP SJA1105 switch support driver is vulnerable due to improper memory release before deleting the last reference memory leak. Exploiting this vulnerability can allow an...

Vulnerability of the amd_sfh_work() function in the driver/hid/amd-sfh-hid/amd_sfh_client.c file – a driver for the Linux kernel’s user interface device subsystem, which allows an attacker to access protected information.

Vulnerability of the amdsfhwork function in the driver/hid/amd-sfh-hid/amdsfhclient.c file – The driver for the Linux kernel’s user interface device subsystem is vulnerable due to improper memory release before deleting the last reference memory leak. Exploiting this vulnerability could allow an...

The vulnerability of the `of_bcm_voter_get()` function in the `drivers/interconnect/qcom/bcm-voter.c` module of the Linux operating system allows a hacker to gain access to protected information or cause a service failure.

The vulnerability of the ofbcmvoterget function in the drivers/interconnect/qcom/bcm-voter.c module of the Linux kernel is related to security configuration errors. Exploiting this vulnerability can allow an attacker to access protected information or cause service failures...

Vulnerability of the sa_run() function in the drivers/crypto/sa2ul.c module – A driver for the Linux kernel cryptographic accelerator, which allows an attacker to gain access to protected information

Vulnerability of the sarun function in the drivers/crypto/sa2ul.c module – The driver for the Linux kernel cryptographic accelerator is vulnerable to a vulnerability where memory is not properly freed before removing the last reference to memory memory leak. Exploiting this vulnerability could...

Vulnerability of the uss720_probe() function in the drivers/usb/misc/uss720.c module – The driver for supporting USB devices in Linux kernel allows a hacker to gain access to protected information.

Vulnerability of the uss720probe function in the drivers/usb/misc/uss720.c module – The Linux kernel’s USB device support driver is vulnerable to security-related errors. Exploiting this vulnerability could allow an attacker to gain access to protected information...