Security
Headlines
HeadlinesLatestCVEs

Search

lenovo warranty check/lookup | check warranty status | lenovo support us

Found 10000 results in 47 ms.

CVE-2021-41262: Use prepared statement rather than direct SQL · galette/galette@8e94064

Galette is a membership management web application built for non profit organizations and released under GPLv3. Versions prior to 0.9.6 are subject to SQL injection attacks by users with "member" privilege. Users are advised to upgrade to version 0.9.6 as soon as possible. There are no known workarounds.

CVE
#sql#web
How to Enter the US With Your Digital Privacy Intact

Crossing into the United States has become increasingly dangerous for digital privacy. Here are a few steps you can take to minimize the risk of Customs and Border Protection accessing your data.

EU & US Unite to Fight Ransomware

A working group of European and US officials meet at The Hague to collaborate on ransomware operations and strategies.

CVE-2023-33553: poc/WDRT-1800AX.md at main · 0xfml/poc

An issue in Planet Technologies WDRT-1800AX v1.01-CP21 allows attackers to bypass authentication and escalate privileges to root via manipulation of the LoginStatus cookie.

RHSA-2022:1739: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.1.2.1 containers security update

An update for is now available for OpenShift Service Mesh 2.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-44906: minimist: prototype pollution * CVE-2022-0235: node-fetch: exposure of sensitive information to an unauthorized actor * CVE-2022-0536: follow-redirects: Exposure of Sensitive Information via Authorization Header leak * CVE-2022-24771: node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery * CVE-2...

CVE-2022-48256: DnsServer/CHANGELOG.md at master · TechnitiumSoftware/DnsServer

Technitium DNS Server before 10.0 allows a self-CNAME denial-of-service attack in which a CNAME loop causes an answer to contain hundreds of records.

CVE-2020-3422: Cisco Security Advisory: Cisco IOS XE Software IP Service Level Agreements Denial of Service Vulnerability

A vulnerability in the IP Service Level Agreement (SLA) responder feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the IP SLA responder to reuse an existing port, resulting in a denial of service (DoS) condition. The vulnerability exists because the IP SLA responder could consume a port that could be used by another feature. An attacker could exploit this vulnerability by sending specific IP SLA control packets to the IP SLA responder on an affected device. The control packets must include the port number that could be used by another configured feature. A successful exploit could allow the attacker to cause an in-use port to be consumed by the IP SLA responder, impacting the feature that was using the port and resulting in a DoS condition.

CVE-2022-29797: Security Advisory - Buffer Overflow Vulnerabilities In Huawei Product

There is a buffer overflow vulnerability in CV81-WDM FW 01.70.49.29.46. Successful exploitation of this vulnerability may lead to privilege escalation.

Air fryers are the latest surveillance threat you didn’t consider

Consumer group Which? found privacy issues in connected air fryers. How smart do we want and need our appliances to be?

Verbatim Keypad Secure USB 3.2 Gen 1 Drive Cryptography Issue

When analyzing the USB drive Verbatim Keypad Secure version 3.2 Gen 1 Drive, Matthias Deeg found out it uses an insecure design which allows for offline brute-force attacks against the passcode.