Security
Headlines
HeadlinesLatestCVEs

Search

lenovo warranty check/lookup | check warranty status | lenovo support us

Found 10000 results in 92 ms.

CVE-2022-35284: Security Bulletin: Session cookie used by IBM Security Verify Information Queue is not properly secured (CVE-2022-35284)

IBM Security Verify Information Queue 10.0.2 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie. IBM X-Force ID: 230811.

CVE
Open in Source
#csrf#vulnerability#linux#perl#ibm
CVE-2022-33955: IBM CICS TX Standard is vulnerable to a back and refresh attack (CVE-2022-33955)

IBM CICS TX 11.1 could allow allow an attacker with physical access to the system to execute code due using a back and refresh attack. IBM X-Force ID: 229312.

CVE-2023-22592: IBM Robotic Process Automation for Cloud Pak is vulnerable to privilege escalation.

IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.4 could allow a local user to perform unauthorized actions due to insufficient permission settings. IBM X-Force ID: 244073.

CVE-2023-40699: Security Bulletin: IBM InfoSphere Information Server may be vulnerable to a denial of service (CVE-2023-40699)

IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161.

CVE-2023-22874: Security Bulletin: IBM MQ Clients are vulnerable to a denial of service attack (CVE-2023-22874)

IBM MQ Clients 9.2 CD, 9.3 CD, and 9.3 LTS are vulnerable to a denial of service attack when processing configuration files. IBM X-Force ID: 244216.

CVE-2022-33160: Security Bulletin: IBM Security Directory Suite has fixed a security vulnerability (CVE-2022-33160)

IBM Security Directory Suite 8.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 228568.

CVE-2022-35987: `CHECK` fail in `DenseBincount`

TensorFlow is an open source platform for machine learning. `DenseBincount` assumes its input tensor `weights` to either have the same shape as its input tensor `input` or to be length-0. A different `weights` shape will trigger a `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit bf4c14353c2328636a18bfad1e151052c81d5f43. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

CVE-2022-40751: IBM Urbancode Deploy (UCD) is vulnerable to Insufficiently Protected LDAP Search Credentials ( CVE-2022-40751 )

IBM UrbanCode Deploy (UCD) 6.2.7.0 through 6.2.7.17, 7.0.0.0 through 7.0.5.12, 7.1.0.0 through 7.1.2.8, and 7.2.0.0 through 7.2.3.1 could allow a user with administrative privileges including "Manage Security" permissions may be able to recover a credential previously saved for performing authenticated LDAP searches. IBM X-Force ID: 236601.

CVE-2022-35286: Security Bulletin: IBM Security Verify Information Queue web UI is vulnerable to cross-site request forgery (CVE-2022-35286)

IBM Security Verify Information Queue 10.0.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 230814.

CVE-2022-22494: Security Bulletin: Information Disclosure in IBM Spectrum Protect Operations Center (CVE-2022-22494)

IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14 could allow a remote attacker to gain details of the database, such as type and version, by sending a specially-crafted HTTP request. This information could then be used in future attacks. IBM X-Force ID: 226940.