Sangbin Kim

**Name of the Vulnerable Software and Affected Versions** Oracle VM VirtualBox versions 7.1.14 and 7.2.4 **Description** An easily exploitable issue exists in the Oracle VM VirtualBox Core component, potentially allowing a high-privileged attacker with access to the system where Oracle VM VirtualBox runs to compromise the software. Successful exploitation can lead to a takeover of Oracle VM VirtualBox, and may significantly impact additional products. **Recommendations** Update Oracle VM VirtualBox version 7.1.14 to a later version. Update Oracle VM VirtualBox version 7.2.4 to a later version.

**Name of the Vulnerable Software and Affected Versions** Oracle VM VirtualBox versions 7.1.14 and 7.2.4 **Description** An easily exploitable issue exists in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). A high-privileged attacker with access to the infrastructure where Oracle VM VirtualBox runs can compromise the software. Successful attacks can lead to a takeover of Oracle VM VirtualBox and may significantly impact additional products. **Recommendations** Update Oracle VM VirtualBox version 7.1.14 to a newer, fixed version. Update Oracle VM VirtualBox version 7.2.4 to a newer, fixed version.

**Name of the Vulnerable Software and Affected Versions** Oracle VM VirtualBox versions 7.1.14 and 7.2.4 **Description** A difficult to exploit issue exists in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). An attacker with high privileges who has access to the system where Oracle VM VirtualBox is running can compromise the software. Successful exploitation can lead to a takeover of Oracle VM VirtualBox and may significantly impact other products. **Recommendations** Update Oracle VM VirtualBox to a newer version that addresses this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Oracle VM VirtualBox version 7.1.10 **Description** An easily exploitable issue exists in the Core component of Oracle VM VirtualBox, allowing a high-privileged attacker with access to the infrastructure where Oracle VM VirtualBox executes to compromise the software. Successful exploitation can result in a takeover of Oracle VM VirtualBox and may significantly impact additional products. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Xpdf versions 4.05 and earlier **Description** The issue is an out-of-bounds array write triggered by a long Unicode sequence in ActualText. This can potentially lead to exploitation. **Recommendations** For Xpdf versions 4.05 and earlier, consider updating to a newer version to mitigate the risk, as no specific fix is provided for these versions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.