Security
Headlines
HeadlinesLatestCVEs

Search

lenovo warranty check/lookup | check warranty status | lenovo support us

Found 10000 results in 65 ms.

CVE-2023-30616: CSRF due to missing nonce verification

Form block is a wordpress plugin designed to make form creation easier. Versions prior to 1.0.2 are subject to a Cross-Site Request Forgery due to a missing nonce check. There is potential for a Cross Site Request Forgery for all form blocks, since it allows to send requests to the forms from any website without a user noticing. Users are advised to upgrade to version 1.0.2. There are no known workarounds for this vulnerability.

CVE
#csrf#vulnerability#web#wordpress
The Problem the US TikTok Crackdown and Kaspersky Ban Have in Common

While Kaspersky and TikTok make very different kinds of software, the US has targeted both over national security concerns. But the looming bans have larger implications for internet freedom.

US senators ask FTC to investigate car makers’ privacy practices

Senators have asked the FTC to investigate the consumer privacy violations by car makers that provide data brokers with information that could be used against them

The Dangerous Weak Link in the US Food Chain

Without an information sharing and analysis center, the country’s food and agriculture sector is uniquely vulnerable to hackers.

Microsoft Bug Bounty Programs Year in Review: $13.6M in Rewards

Partnering with the security research community is an important part of Microsoft’s holistic approach to defending against security threats. Bug bounty programs are one part of this partnership. By discovering and reporting vulnerabilities to Microsoft through Coordinated Vulnerability Disclosure (CVD), researchers continue to help us secure millions of customers. Over the past 12 months, Microsoft awarded $13.

CVE-2021-1243: Cisco Security Advisory: Cisco IOS XR Software SNMP Management Plane Protection ACL Bypass Vulnerability

A vulnerability in the Local Packet Transport Services (LPTS) programming of the SNMP with the management plane protection feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to allow connections despite the management plane protection that is configured to deny access to the SNMP server of an affected device. This vulnerability is due to incorrect LPTS programming when using SNMP with management plane protection. An attacker could exploit this vulnerability by connecting to an affected device using SNMP. A successful exploit could allow the attacker to connect to the device on the configured SNMP ports. Valid credentials are required to execute any of the SNMP requests.

Apple Security Advisory 2023-01-24-1

Apple Security Advisory 2023-01-24-1 - tvOS 16.3 addresses bypass, code execution, and information leakage vulnerabilities.

CVE-2023-37979: Multiple Vulnerabilities in WordPress Ninja Forms Plugin - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Saturday Drive Ninja Forms Contact Form plugin <= 3.6.25 versions.

RHSA-2022:1489: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21426: OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) * CVE-2022-21434: OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) * CVE-2022-21443: OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) * CVE-20...

CVE-2021-32006: Cybersecurity Advisory - Secomea

This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. Permission Issues vulnerability in LinkManager web portal of Secomea GateManager allows logged in LinkManager user to access stored SiteManager backup files.