Security
Headlines
HeadlinesLatestCVEs

Search

lenovo warranty check/lookup | check warranty status | lenovo support us

Found 10000 results in 90 ms.

CVE-2021-0091: INTEL-SA-00527

Improper access control in the firmware for some Intel(R) Processors may allow an unauthenticated user to potentially enable an escalation of privilege via local access.

CVE
#vulnerability#web#ios#dos#oracle
CVE-2022-4415: security - systemd-coredump: CVE-2022-4415: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting

A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.

CVE-2021-24906

The Protect WP Admin WordPress plugin before 3.6.2 does not check for authorisation in the lib/pwa-deactivate.php file, which could allow unauthenticated users to disable the plugin (and therefore the protection offered) via a crafted request

CVE-2021-24354

A lack of capability checks and insufficient nonce check on the AJAX action in the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, made it possible for authenticated users to install arbitrary plugins on vulnerable sites.

CVE-2022-35132: Webmin

Usermin through 1.850 allows a remote authenticated user to execute OS commands via command injection in a filename for the GPG module.

CVE-2022-27261: express-fileupload

An arbitrary file write vulnerability in Express-FileUpload v1.3.1 allows attackers to upload multiple files with the same name, causing an overwrite of files in the web application server.

CVE-2023-39631: Warn that evaluate() should not be used on user input · Issue #442 · pydata/numexpr

An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library.

CVE-2021-45845: 0004810: Security Vulnerability in PathSanity.py

The Path Sanity Check script of FreeCAD 0.19 is vulnerable to OS command injection, allowing an attacker to execute arbitrary commands via a crafted FCStd document.

CVE-2023-20818: August 2023

In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07460540; Issue ID: ALPS07460540.

A New Plan to Break the Cycle of Destructive Critical Infrastructure Hacks

As digital threats against US water, food, health care, and other vital sectors loom large, a new project called UnDisruptable27 aims to help fix cybersecurity weaknesses where other efforts have failed.