Security
Headlines
HeadlinesLatestCVEs

Search

lenovo warranty check/lookup | check warranty status | lenovo support us

Found 10000 results in 54 ms.

Massive China-Linked Disinformation Campaign Taps PR Firm for Help

A global network of inauthentic news sites present themselves as independent news outlets, offering content favoring China's government and articles critical of the US.

DARKReading
#web#ios#intel#pdf#bios#auth
CVE-2023-33706: Insecure Direct Object Reference (IDOR) affects Help Desk (SysAid) - CVE-2023-33706

SysAid before 23.2.15 allows Indirect Object Reference (IDOR) attacks to read ticket data via a modified sid parameter to EmailHtmlSourceIframe.jsp or a modified srID parameter to ShowMessage.jsp.

CVE-2021-0682: Android Security Bulletin—September 2021  |  Android Open Source Project

In sendAccessibilityEvent of NotificationManagerService.java, there is a possible disclosure of notification data due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-159624555

Ubuntu Security Notice USN-7089-2

Ubuntu Security Notice 7089-2 - Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

GHSA-j2mj-g8jp-gjfm: Jenkins NS-ND Integration Performance Publisher Plugin vulnerable to Missing Authorization

A missing permission check in Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.129 and earlier allows attackers with Overall/Read permissions to connect to an attacker-specified webserver using attacker-specified credentials. Version 4.8.0.130 requires POST requests and Overall/Administer permission for the affected form validation method.

RHSA-2018:0182: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.3 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References s...

Pandora FMS 7.0NG.742 Remote Code Execution

Pandora FMS version 7.0NG.742 suffers from an authenticated remote code execution vulnerability.

CVE-2022-34643: [Bug Report] Wrong exception priority during access memory · Issue #971 · riscv-software-src/riscv-isa-sim

RISCV ISA Sim commit ac466a21df442c59962589ba296c702631e041b5 implements the incorrect exception priotrity when accessing memory.

Latest Cyberattack Against Iran Part of Ongoing Campaign

Iran's steel manufacturing industry is victim to ongoing cyberattacks that previously impacted the country's rail system.

CVE-2022-3095: sdk/CHANGELOG.md at master · dart-lang/sdk

The implementation of backslash parsing in the Dart URI class for versions prior to 2.18 and Flutter versions prior to 3.30 differs from the WhatWG URL standards. Dart uses the RFC 3986 syntax, which creates incompatibilities with the '\' characters in URIs, which can lead to auth bypass in webapps interpreting URIs. We recommend updating Dart or Flutter to mitigate the issue.