Search
lenovo warranty check/lookup | check warranty status | lenovo support us
Found 10000 results in 71 ms.
Local user may lead to privilege escalation using Gaia Portal hostnames page.
Local privilege escalation in Checkpoint Endpoint Security (version E87.30) via crafted OpenSSL configuration file
HPSFViewer might allow Escalation of Privilege. This potential vulnerability was remediated on July 29th, 2022. Customers who opted for automatic updates should have already received the remediation.
### Summary Email validation can easily be bypassed because `verify_email_enabled` option enable email validation at sign up only. A user changing it's email after signing up (and verifying it) can change it without verification in `/profile`. This can be used to prevent legitimate owner of the email address from signing up. Another way to prevent email's owner from signing up is by setting Username as an email: When a new user is registrering, they can set two different email addresses in the Email and Username field, technically having 2 email addresses (because Grafana handles usernames and emails the same in some situations), but only the former is validated. ![](https://user-images.githubusercontent.com/44581623/282073913-c1a8c20b-b6c3-46eb-840c-9e0dae718a2a.png) Here user a prevents owner of [email protected] to signup. ### Details I don't know exact location but this is related to PUT /api/user handler. ### PoC Bypass email validation: * Start a new grafana instance using lat...
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Apasionados Export Post Info plugin <= 1.1.0 at WordPress.
"IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 223598."
IBM InfoSphere DataStage 11.7 is vulnerable to a command injection vulnerability due to improper neutralization of special elements. IBM X-Force ID: 236687.
IBM CICS TX 11.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229463.
IBM CICS TX 11.7 could allow an attacker to obtain sensitive information from HTTP response headers. IBM X-Force ID: 229467.
IBM CICS TX 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229464.