Search
lenovo warranty check/lookup | check warranty status | lenovo support us
Found 10000 results in 104 ms.
An update for nss and nspr is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.53.1), nspr (4.25.0). (BZ#1809549, BZ#1809550) Security Fix(es): * nss: UAF in sftk_FreeSession due to improper refcounting (CVE-2019-11756) * nss: Check length of inputs for cryptographic primitives (CVE-2019-17006) * nss: Side channel vulnerabilities during RSA key generation (CVE-2020-12402) * nss: TLS 1.3 Hello...
A DLL hijacking vulnerability in Samsung portable SSD T5 PC software before 1.6.9 could allow a local attacker to escalate privileges. (An attacker must already have user privileges on Windows 7, 10, or 11 to exploit this vulnerability.)
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Low attack complexity/public exploits available Vendor: Siemens ProductCERT Equipment: RUGGEDCOM APE1808 Product Family Vulnerabilities: Time-of-check Time-of-use (TOCTOU) Race Condition 2. RISK EVALUATION Exploitation of these vulnerabilities on affected products could lead to system crashing or escalation of privileges. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following software from Siemens is affected: RUGGEDCOM APE1808 ADM (6GK6015-0AL20-0GL0) - vers:all/* RUGGEDCOM APE1808 ADM CC (6GK6015-0AL20-0GL1) - vers:all/* RUGGEDCOM APE1808 CKP (6GK6015-0AL20-0GK0) - vers:all/* RUGGEDCOM APE1808 CKP CC (6GK6015-0AL20-0GK1)...
A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix.
In MP4v2 2.0.0, there is an integer overflow (with resultant memory corruption) when resizing MP4Array for the ftyp atom in mp4array.h.
Researchers have found an online repository leaking sensitive data, including driving licenses and other identity documents.
An open redirection vulnerability has been identified in the friendsofsymfony/oauth2-php library, which could potentially expose users to unauthorized redirects during the OAuth authentication process. This vulnerability has been addressed by implementing an exact check for the domain and port, ensuring more secure redirection.
A security-check flaw was found in the way the Heketi 5 server API handled user requests. An authenticated Heketi user could send specially crafted requests to the Heketi server, resulting in remote command execution as the user running Heketi server and possibly privilege escalation.
Red Hat OpenShift Container Platform release 4.10.51 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-7692: PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Without the use of PKCE, the authorization code returned by an authorization server is not enough to guarantee that the client that issued the initial authorization request is the ...
“There are few jobs where I can say, I make two billion people more secure on the internet every single day.” Childhood Look: Goth kid, all in black Current Look: Cyber Viking Childhood hobby: Head banging to Metallica, Marilyn Manson, and Guns N’ Roses Current hobby: n0x08 DJ’s Live events around the world.