CVE-2017-15200

In Kanboard before 1.0.47, by altering form data, an authenticated user can add a new task to a private project of another user...

CVE-2018-17179

An issue was discovered in OpenEMR before 5.0.1 Patch 7. There is SQL Injection in the maketask function in /interface/forms/eyemag/php/taskmanfunctions.php via /interface/forms/eyemag/taskman.php...

CVE-2017-15207

In Kanboard before 1.0.47, by altering form data, an authenticated user can edit tasks of a private project of another user...

CVE-2018-20943

cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon a post-update task SEC-352...

Intermesh BV Group Office CRM 安全漏洞

Intermesh BV Group Office CRM is an application from Intermesh BV. Share projects, calendars, files and emails online with colleagues and clients. Easy to use and fully customizable. A security vulnerability exists in Intermesh BV Group Office CRM versions prior to 6.8.119 and 25.0.20, which stem...

Unlearning Isn'T Deletion: Investigating Reversibility of Machine Unlearning in LLMs

Unlearning in large language models LLMs is intended to remove the influence of specific data, yet current evaluations rely heavily on token-level metrics such as accuracy and perplexity. We show that these metrics can be misleading: models often appear to forget, but their original behavior can ...

PT-2025-22529 · Unknown · Group-Office

Name of the Vulnerable Software and Affected Versions: Group-Office versions prior to 6.8.119 and 25.0.20 Description: The issue is a persistent Cross-Site Scripting XSS vulnerability in Group-Office's tasks comment functionality. This allows attackers to execute arbitrary JavaScript by uploading...

CVE-2008-0731

The Linux kernel before 2.6.18.8-0.8 in SUSE openSUSE 10.2 does not properly handle failure of an AppArmor changehat system call, which might allow attackers to trigger the unconfining of an apparmored task...

CVE-2009-1286

The IMAP task in the server in IBM Lotus Domino 8.0.2 before FP1 IF1 and 8.5 before IF3 allows remote attackers to cause a denial of service daemon crash via a MIME e-mail message with RFC822 attachments aka blobs containing malformed root entities...

CVE-2025-1415

A low-privileged user is able to obtain information about tasks executed on devices controlled by Proget MDM Mobile Device Management, as well as details of the devices like their UUIDs needed for exploitation of CVE-2025-1416. In order to perform the attack, one has to know a taskid, but since...

CVE-2025-1415

In Proget MDM, the CVE-2025-1415 issue concerns a low-privileged user who can retrieve information about tasks run on managed devices and obtain device UUIDs needed for exploitation of CVE-2025-1416. The attack requires knowing a task_id, but brute-forcing is possible due to lack of request limit...

CVE-2025-1415 Information disclosure in Proget MDM

A low-privileged user is able to obtain information about tasks executed on devices controlled by Proget MDM Mobile Device Management, as well as details of the devices like their UUIDs needed for exploitation of CVE-2025-1416. In order to perform the attack, one has to know a taskid, but since...

Inedo ProGet 安全漏洞

Inedo ProGet is a package management system from Inedo. A security vulnerability exists in Inedo ProGet versions prior to 2.17.5, which stems from a low-privileged user being able to obtain device task information and UUIDs...

PT-2025-22329

Name of the Vulnerable Software and Affected Versions Proget MDM versions prior to 2.17.5 Description A low-privileged user can obtain information about tasks executed on devices controlled by Proget MDM, as well as details of the devices like their UUIDs. To perform the attack, an attacker needs...

RSI Queue Management System 安全漏洞

RSI Queue Management System is an intelligent queue management system for the retail, healthcare or service industry from RSI Queue. A security vulnerability exists in RSI Queue Management System version v3.0 that stems from improper handling of the TaskID parameter, which could lead to an...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition in the ublk module between command cancel and task job scheduling, which could cause the...

kernel: crypto: pcrypt - Fix hungtask for PADATA_RESET

In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix hungtask for PADATARESET We found a hungtask bug in testaeadveccfg as follows: INFO: task cryptomgrtest:391009 blocked for more than 120 seconds. "echo 0 /proc/sys/kernel/hungtasktimeoutsecs" disables this...

The vulnerability of the Windows operating system’s task scheduler allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Windows operating system’s task scheduler is related to insufficient checks for the correctness of messages or data structures. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

kernel: kthread: unpark only parked kthread

In the Linux kernel, the following vulnerability has been resolved: kthread: unpark only parked kthread Calling into kthread unparking unconditionally is mostly harmless when the kthread is already unparked. The wake up is then simply ignored because the target is not in TASKPARKED state. However...

AZL-70144 CVE-2025-37861 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue When the task management thread processes reply queues while the reset thread resets them, the task management thread accesses an invalid queue ID 0xFFFF, s...