lenovo warranty check/lookup | check warranty status | lenovo support us

This Metasploit module attempts to bruteforce the SID on the Oracle application server iSQL*Plus login pages. It does this by testing Oracle error responses returned in the HTTP response. Incorrect username/pass with a correct SID will produce an Oracle ORA-01017 error. Works against Oracle 9.2, 10.1 and 10.2 iSQL*Plus. This Metasploit module will attempt to fingerprint the version and automatically select the correct POST request.

EnBw SENEC Legacy Storage Box versions 1 through 3 suffered from a default credential issue.

In snapd versions prior to 2.62, snapd failed to properly check the destination of symbolic links when extracting a snap. The snap format is a squashfs file-system image and so can contain symbolic links and other file types. Various file entries within the snap squashfs image (such as icons and desktop files etc) are directly read by snapd when it is extracted. An attacker who could convince a user to install a malicious snap which contained symbolic links at these paths could then cause snapd to write out the contents of the symbolic link destination into a world-readable directory. This in-turn could allow an unprivileged user to gain access to privileged information.

### Impact Any native code packages built by `pkg` are written to a hardcoded directory. On unix systems, this is `/tmp/pkg/*` which is a shared directory for all users on the same local system. There is no uniqueness to the package names within this directory, they are predictable. An attacker who has access to the same local system has the ability to replace the genuine executables in the shared directory with malicious executables of the same name. A user may then run the malicious executable without realising it has been modified. ### Patches This package is deprecated. Therefore, there will not be a patch provided for this vulnerability. ### Recommended Action: To check if your executable build by pkg depends on native code and is vulnerable, run the executable and check if `/tmp/pkg/` was created. Users should transition to actively maintained alternatives. We would recommend investigating Node.js 21’s support for [single executable applications](https://nodejs.org/api/single...

In libming 0.4.8, the parseSWF_DEFINELOSSLESS2 function in util/parser.c lacks a boundary check that would lead to denial-of-service attacks via a crafted SWF file.

### Impact A vulnerability in Ghost allows authenticated users to upload files which are symlinks. This can be exploited to perform an arbitrary file read of any file on the operating system. Site administrators can check for exploitation of this issue by looking for unknown symlinks within Ghost's `content/` folder ### Vulnerable versions This security vulnerability is present in Ghost ≤ v5.59.0. ### Patches v5.59.1 contains a fix for this issue. ### For more information If you have any questions or comments about this advisory: * Email us at [[email protected]](mailto:[email protected])

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 3.2.18.2, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, and XR1000 before 1.0.0.58.

Snipe-IT through 6.0.14 allows attackers to check whether a user account exists because of response variations in a /password/reset request.

Jenkins Sidebar Link Plugin 2.2.1 and earlier does not restrict the path of files in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.

This advisory contains mitigations for Missing Support for Integrity Check, Improper Access Control, Unrestricted Upload of File with Dangerous Type, Improper Verification of Cryptographic Signature, Insufficient Verification of Data Authenticity, and Path Traversal: ‘\..\filename’ vulnerabilities in Emerson Proficy Machine Edition, an engineering workstation.