Security
Headlines
HeadlinesLatestCVEs

Search

lenovo warranty check/lookup | check warranty status | lenovo support us

Found 10000 results in 53 ms.

GliNet 4.x Authentication Bypass

GliNet with firmware version 4.x suffers from an authentication bypass vulnerability. Other firmware versions may also be affected.

Packet Storm
#sql#vulnerability#web#js#perl#auth#wifi
CVE-2023-28732: CVE-2023-28732 - Bug Bounty Switzerland

Missing access control in AnyMailing Joomla Plugin allows to list and access files containing sensitive information from the plugin itself and access to system files via path traversal, when being granted access to the campaign's creation on front-office. This issue affects AnyMailing Joomla Plugin in versions below 8.3.0.

Rogue ads phishing for cryptocurrency: Are you secure?

Phishers racked up an enormous haul of stolen cryptocurrency via rogue Google ads. Time to check if you're free from bad ad worry. The post Rogue ads phishing for cryptocurrency: Are you secure? appeared first on Malwarebytes Labs.

CVE-2022-34459: DSA-2022-298: Dell Command | Update, Dell Update, and Alienware Update Security Update for Multiple Vulnerabilities

Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.7 contain a improper verification of cryptographic signature in get applicable driver component. A local malicious user could potentially exploit this vulnerability leading to malicious payload execution.

GHSA-jjr7-372r-cx7x: Mattermost Exposure of Sensitive Information to an Unauthorized Actor vulnerability

Mattermost fails to check whether the "Allow users to view archived channels" setting is enabled during permalink previews display, allowing members to view permalink previews of archived channels even if the "Allow users to view archived channels" setting is disabled. 

Diverse Cybersecurity Workforce Act Offers More Than Diversity Benefits

Our adversaries certainly have diversity — so cybersecurity teams need it, too.

CVE-2018-19497: Fix CVE-2018-19497. by JordyZomer · Pull Request #1374 · sleuthkit/sleuthkit

In The Sleuth Kit (TSK) through 4.6.4, hfs_cat_traverse in tsk/fs/hfs.c does not properly determine when a key length is too large, which allows attackers to cause a denial of service (SEGV on unknown address with READ memory access in a tsk_getu16 call in hfs_dir_open_meta_cb in tsk/fs/hfs_dent.c).

CVE-2021-0640

["In noteAtomLogged of StatsdStats.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-187957589"]

CVE-2021-0640

["In noteAtomLogged of StatsdStats.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-187957589"]

CVE-2022-0345

The Customize WordPress Emails and Alerts WordPress plugin before 1.8.7 does not have authorisation and CSRF check in its bnfw_search_users AJAX action, allowing any authenticated users to call it and query for user e-mail prefixes (finding the first letter, then the second one, then the third one etc.).