Security
Headlines
HeadlinesLatestCVEs

Search

lenovo warranty check/lookup | check warranty status | lenovo support us

Found 10000 results in 54 ms.

CVE-2020-36527: Multiple Cross-Site Scripting Vulnerabilities in Confluence Marketplace Plugins

A vulnerability, which was classified as problematic, has been found in Server Status. This issue affects some unknown processing of the component HTTP Status/SMTP Status. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE
#xss#vulnerability#web#mac#windows#java#jira
CVE-2022-1043: io_uring: fix xa_alloc_cycle() error return value check · torvalds/linux@a30f895

A flaw was found in the Linux kernel’s io_uring implementation. This flaw allows an attacker with a local account to corrupt system memory, crash the system or escalate privileges.

National Public Data leaked passwords online

The National Public Data breach includes the Social Security Numbers of many US citizens. Find out about yours.

PSA: These ‘Microsoft Support’ ploys may just fool you

We came a cross a clever abuse of Google and Microsoft's services that fooled us for a minute. See if you could have spotted it.

CVE-2023-35846: [ipfilter] Check transport layer length in frame before filtering ports · virtualsquare/picotcp@d561990

VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not check the transport layer length in a frame before performing port filtering.

2025’s Top OSINT Tools: A Fresh Take on Open-Source Intel

Check out the top OSINT tools of 2025, an updated list featuring the best free and paid open-source…

Fake Booking.com phish uses fake CAPTCHAs to trick hotel staff into downloading malware

Fake Booking.com emails sent to hotels lead to fake Captcha sites that trick the staff into infecting their own systems

CVE-2022-41860: it's probably wrong to be completely retarded. Let's fix that. · FreeRADIUS/freeradius-server@f1cdbb3

In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will fail, but the SIM code will not check for that failure. Instead, it will dereference a NULL pointer, and cause the server to crash.

CVE-2022-23098: connman/connman.git - Connection Manager

An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation has an infinite loop if no data is received.

GHSA-cmvg-w72j-7phx: org.xwiki.platform:xwiki-platform-skin-skinx vulnerable to basic Cross-site Scripting by exploiting JSX or SSX plugins

### Impact There was no check in the author of a JavaScript xobject or StyleSheet xobject added in a XWiki document, so until now it was possible for a user having only Edit Right to create such object and to craft a script allowing to perform some operations when executing by a user with appropriate rights. ### Patches This has been patched in XWiki 14.9-rc-1 by only executing the script if the author of it has Script right. ### Workarounds The only known workaround consists in applying [the following patch](https://github.com/xwiki/xwiki-platform/commit/fe65bc35d5672dd2505b7ac4ec42aec57d500fbb) and rebuilding and redeploying `xwiki-platform-skin-skinx`. ### References * https://jira.xwiki.org/browse/XWIKI-19514 * https://jira.xwiki.org/browse/XWIKI-9119 * https://jira.xwiki.org/browse/XWIKI-19583 ### For more information If you have any questions or comments about this advisory: * Open an issue in [Jira](http://jira.xwiki.org) * Email us at [Security ML](mailto:security@x...