lenovo warranty check/lookup | check warranty status | lenovo support us

zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.

Apple Security Advisory 10-25-2023-1 - iOS 17.1 and iPadOS 17.1 addresses bypass, code execution, and use-after-free vulnerabilities.

An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0547: No description is available for this CVE. * CVE-2023-1945: The Mozilla Foundation Security Advisory describes this flaw as: Unexpected data returned from the Safe Browsing API could have led to memory corruption and a potentially exploitable crash. * CVE-2023-28427: The Mozilla Foundation Security Advisory describes ...

An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0547: No description is available for this CVE. * CVE-2023-1945: The Mozilla Foundation Security Advisory describes this flaw as: Unexpected data returned from the Safe Browsing API could have led to memory corruption and a potentially exploitable crash. * CVE-2023-28427: The Mozilla Foundation Security Advisory describes ...

By Deeba Ahmed A massive data leak of 820,000 Dominicans' personal information (including COVID vaccination status) has been leaked online puting individuals at risk of identity theft, scams, and social engineering attacks. This is a post from HackRead.com Read the original post: Hackers Leak COVID-19 Data of 820K Dominicans, Including Vaccination Info

The H2 database contains an alias function which allows for arbitrary Java code to be used. This functionality can be abused to create an exec functionality to pull our payload down and execute it. H2's web interface contains restricts MANY characters, so injecting a payload directly is not favorable. A valid database connection is required. If the database engine was configured to allow creation of databases, the module default can be used which utilizes an in memory database. Some Docker instances of H2 don't allow writing to folders such as /tmp, so we default to writing to the working directory of the software. This Metasploit module was tested against H2 version 2.1.214, 2.0.204, 1.4.199 (version detection fails).

The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. This TCP port remains open after the ES application has been launched once, and responds to unauthenticated application/json data over HTTP.

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Desktop Control Agent service. The service loads Qt plugins from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-15787.

A flaw was found in libcaca. A heap buffer overflow in export.c in function export_tga might lead to memory corruption and other potential consequences.

A flaw was found in libcaca. A buffer overflow of export.c in function export_troff might lead to memory corruption and other potential consequences.