Security
Headlines
HeadlinesLatestCVEs

Search

lenovo warranty check/lookup | check warranty status | lenovo support us

Found 10000 results in 52 ms.

CVE-2023-35142: Jenkins Security Advisory 2023-06-14

Jenkins Checkmarx Plugin 2022.4.3 and earlier disables SSL/TLS validation for connections to the Checkmarx server by default.

CVE
#xss#csrf#vulnerability#git#java#aws#maven#ssl
CVE-2023-32261: Jenkins Security Advisory 2023-06-14

A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. See the following Jenkins security advisory for details: * https://www.jenkins.io/security/advisory/2023-06-14/ https://www.jenkins.io/security/advisory/2023-06-14/

CVE-2023-49355: GitHub - jqlang/jq at 88f01a741c8d63c4d1b5bc3ef61520c6eb93edaa

decToString in decNumber/decNumber.c in jq 88f01a7 has a one-byte out-of-bounds write via the " []-1.2e-1111111111" input.

Malware targets 30 unpatched WordPress plugins

Categories: News Tags: WordPress Tags: exploit Tags: vulnerability Tags: plugin Tags: theme Tags: update Tags: linux malware Tags: backdoor It's time to check your website is up to date. (Read more...) The post Malware targets 30 unpatched WordPress plugins appeared first on Malwarebytes Labs.

QR Code Scam: Fake Voicemails Target Users, 1000 Attacks in 14 Days

By Deeba Ahmed Fake Voicemail Phishing on the Rise: Check Point Reveals How Hackers are Exploiting Corporate Phone Systems. This is a post from HackRead.com Read the original post: QR Code Scam: Fake Voicemails Target Users, 1000 Attacks in 14 Days

CVE-2022-46604: ResponsiveFilemanager/execute.php at v9.9.5 · trippo/ResponsiveFilemanager

An issue in Tecrail Responsive FileManager v9.9.5 and below allows attackers to bypass the file extension check mechanism and upload a crafted PHP file, leading to arbitrary code execution.

CVE-2020-3585: Cisco Security Advisory: Cisco Firepower 1000 Series Bleichenbacher Attack Vulnerability

A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000 Series firewalls could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper implementation of countermeasures against the Bleichenbacher attack for cipher suites that rely on RSA for key exchange. An attacker could exploit this vulnerability by sending crafted TLS messages to the device, which would act as an oracle and allow the attacker to carry out a chosen-ciphertext attack. A successful exploit could allow the attacker to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions to the affected device. To exploit this vulnerability, an attacker must be able to perform both of the following actions: Capture TLS traffic that is in transit between clients and the affected device Actively establish a considerable number of ...

GHSA-59qj-jcjv-662j: DIRAC's TokenManager does not check permissions on cached tokens

### Impact Any user could get a token that has been requested by another user/agent ### Patches The vulnerability is fixed in version 8.0.37. ### Workarounds None ### References

CVE-2023-40359: XTERM - Change Log

xterm before 380 supports ReGIS reporting for character-set names even if they have unexpected characters (i.e., neither alphanumeric nor underscore), aka a pointer/overflow issue.

Cybersecurity Isn't Easy When You're Trying to Be Green

Renewable energy firms deal with a large cyberattack surface area, given the distributed nature of power generation and more pervasive connectivity.