Security
Headlines
HeadlinesLatestCVEs

Search

lenovo warranty check/lookup | check warranty status | lenovo support us

Found 10000 results in 44 ms.

BMC Remedy ITSM-Suite 9.1.10 / 20.02 HTML Injection

BMC Remedy ITSM-Suite version 9.1.10 (20.02 in new versioning scheme) suffers from an html injection vulnerability.

Packet Storm
Open in Source
#csrf#vulnerability#web#linux#js#auth#firefox
US Seizes Bitcoin Mixer Sinbad.io Used by Lazarus Group

By Waqas US Treasury Sanctions Sinbad.io for Laundering Millions in Stolen Funds Linked to North Korea's Lazarus Group. This is a post from HackRead.com Read the original post: US Seizes Bitcoin Mixer Sinbad.io Used by Lazarus Group

CVE-2021-36855: Booking Ultra Pro Appointments Booking Calendar Plugin

Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability in Booking Ultra Pro plugin <= 1.1.4 at WordPress.

GHSA-5959-4x58-r8c2: TYPO3 CMS missing check for expiration time of password reset token for backend users

> ### Meta > * CVSS: `CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:F/RL:O/RC:C` (5.0) ### Problem It has been discovered that the expiration time of a password reset link for TYPO3 backend users has never been evaluated. As a result, a password reset link could be used to perform a password reset even if the default expiry time of two hours has been exceeded. ### Solution Update to TYPO3 version 10.4.32 or 11.5.16 that fix the problem described above. ### Credits Thanks to Ingo Fabbri who reported this issue and to TYPO3 security team member Torben Hansen who fixed the issue. ### References * [TYPO3-CORE-SA-2022-008](https://typo3.org/security/advisory/typo3-core-sa-2022-008)

US Customs and Border Protection Plans to Photograph Everyone Exiting the US by Car

A CBP spokesperson tells WIRED that the agency plans to expand its program for real-time face recognition at the border, potentially aiding Trump administration efforts to track people who self-deport.

CVE-2022-42127: CVE-2022-42127 Friendly URL history accessible to unauthorized users - Liferay Portal - Liferay Faces

The Friendly Url module in Liferay Portal 7.4.3.5 through 7.4.3.36, and Liferay DXP 7.4 update 1 though 36 does not properly check user permissions, which allows remote attackers to obtain the history of all friendly URLs that was assigned to a page.

CVE-2022-42126: CVE-2022-42126 User permissions are not checked for DepotGroupItemSelectorProvider - Liferay Portal - Liferay Faces

The Asset Libraries module in Liferay Portal 7.3.5 through 7.4.3.28, and Liferay DXP 7.3 before update 8, and DXP 7.4 before update 29 does not properly check permissions of asset libraries, which allows remote authenticated users to view asset libraries via the UI.

Apple Security Advisory 2023-09-11-1

Apple Security Advisory 2023-09-11-1 - iOS 15.7.9 and iPadOS 15.7.9 addresses buffer overflow and code execution vulnerabilities.

FakeUpdates Malware Campaign Targets WordPress – Millions of Sites at Risk

By Waqas The February 2024 Global Threat Index report released by Check Point Software Technologies Ltd. exposes the alarming vulnerability of cybersecurity worldwide. This is a post from HackRead.com Read the original post: FakeUpdates Malware Campaign Targets WordPress – Millions of Sites at Risk

US and Europe Account for 73% of Global Exposed ICS Systems

73% of globally exposed ICS systems are in the US and Europe, with the US leading at 38%.…