
CVE-2022-32201: Added a check whether all components in a scan are actually present. · thorfdbg/libjpeg@ea63151

In libjpeg 1.63, there is a NULL pointer dereference in Component::SubXOf in component.hpp.

RHSA-2022:5837: Red Hat Security Advisory: java-1.8.0-ibm security update

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

* CVE-2021-35561: OpenJDK: Excessive memory allocation in HashMap and HashSet (Utility, 8266097)
* CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672)
* CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151)
* CVE-2022-21496: OpenJDK: URI parsing inconsistencies...

CVE-2023-33553: poc/WDRT-1800AX.md at main · 0xfml/poc

An issue in Planet Technologies WDRT-1800AX v1.01-CP21 allows attackers to bypass authentication and escalate privileges to root via manipulation of the LoginStatus cookie.

CVE-2023-22903: Fix incorrect access control · LibrePhotos/librephotos@e19e539

api/views/user.py in LibrePhotos before e19e539 has incorrect access control.

CVE-2023-48235: overflow in ex address parsing

Vim is an open source command line text editor. When parsing relative ex addresses one may unintentionally cause an overflow. Ironically this happens in the existing overflow check, because the line number becomes negative and LONG_MAX - lnum will cause the overflow. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit `060623e` which has been included in release version 9.0.2110. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE-2017-7252: Security Advisories — Botan

bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password.

CVE-2021-3638: inconsistent check in ati_2d_blt() may lead to out-of-bounds write

An out-of-bounds memory access flaw was found in the ATI VGA device emulation of QEMU. This flaw occurs in the ati_2d_blt() routine while handling MMIO write operations when the guest provides invalid values for the destination display parameters. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service.

CVE-2022-44634: S2W – Import Shopify to WooCommerce

Auth. (admin+) Arbitrary File Read vulnerability in S2W – Import Shopify to WooCommerce plugin <= 1.1.12 on WordPress.

CVE-2021-36603: Cross-site scripting vulnerability · Issue #12221 · arendst/Tasmota

Cross Site Scripting (XSS) in Tasmota firmware 6.5.0 allows remote attackers to inject JavaScript code via a crafted string in the field "Friendly Name 1".

DDoS Cyberscore: US Treasury: 1, Killnet: 0

An official just revealed the US Department of Treasury was able to fend off a Killnet DDoS attack last month.