384 matches found
CVE-2026-0520
A potential vulnerability was reported in the Lenovo FileZ Android application that, under certain conditions, could allow a local authenticated user to retrieve some sensitive data stored in a log file...
PT-2026-24835
CVE-2026-2640 During an internal security assessment, a potential vulnerability was discovered in Lenovo PC Manager that could allow a local authenticated user to terminate privilege… https://t.co/aCB7Ljbuyx...
PT-2026-24829
CVE-2026-0520 A potential vulnerability was reported in the Lenovo FileZ Android application that, under certain conditions, could allow a local authenticated user to retrieve some s… https://t.co/GakGcTOAc1...
PT-2026-24676
An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to modify arbitrary registry keys with elevated privileges...
PT-2026-24832
A potential buffer overflow vulnerability was reported in the Lenovo Virtual Bus driver used in Smart Connect that could allow a local authenticated user to corrupt memory and cause a Windows blue screen error...
USN-8068-1 intel-microcode vulnerability
Sergiu Ghetie discovered that some Intel® processors did not properly handle values in the microcode flow. A local authenticated user could potentially use this issue to escalate their privileges...
CVE-2025-54150
CVE-2025-54150 affects QNAP Qsync Central. It is an uncontrolled resource consumption vulnerability that allows a local attacker with a user account to trigger a denial-of-service (DoS). The issue has been fixed in Qsync Central 5.0.0.4 (2026-01-20) and later. CVSS metrics are provided, but explo...
PT-2026-7289
Name of the Vulnerable Software and Affected Versions VMware ESXi versions prior to 2.2.2.0 ESXi 8.0 VMware ESXi versions prior to 2.2.3.0 ESXi 9.0 Description An improper initialization issue exists in some ESXi kernel mode driver for the Intel Ethernet 800-Series. This may allow an information...
PT-2026-5756
Brocade Fabric OS before 9.2.1 has a vulnerability that could allow a local authenticated attacker to reveal command line passwords using commands that may expose higher privilege sensitive information by a lower privileged user...
PT-2026-5680
A medium-severity vulnerability has been identified in BeyondTrust Privilege Management for Windows versions =25.7. Under certain conditions, a local authenticated user with elevated privileges may be able to bypass the product’s anti-tamper protections, which could allow access to protected...
CVE-2025-59959
An Untrusted Pointer Dereference vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with low privileges to cause a Denial-of-Service DoS. When the command 'show route detail' is executed, and at least one of th...
EUVD-2025-206288
A potential vulnerability was reported in ThinkPlus configuration software that could allow a local authenticated user to gain access to sensitive device information...
CVE-2025-13454
A potential vulnerability was reported in ThinkPlus configuration software that could allow a local authenticated user to gain access to sensitive device information...
CVE-2025-13455
A vulnerability was reported in ThinkPlus configuration software that could allow a local authenticated user to bypass ThinkPlus device authentication and enroll an untrusted fingerprint...
CVE-2025-13455
A vulnerability was reported in ThinkPlus configuration software that could allow a local authenticated user to bypass ThinkPlus device authentication and enroll an untrusted fingerprint...
CVE-2025-13455
A vulnerability was reported in ThinkPlus configuration software that could allow a local authenticated user to bypass ThinkPlus device authentication and enroll an untrusted fingerprint...
CVE-2025-13455
A vulnerability was reported in ThinkPlus configuration software that could allow a local authenticated user to bypass ThinkPlus device authentication and enroll an untrusted fingerprint...
CVE-2025-13455
CVE-2025-13455 describes a vulnerability in ThinkPlus configuration software that could allow a local authenticated user to bypass ThinkPlus device authentication and enroll an untrusted fingerprint. Affected software: ThinkPlus configuration software. The root cause details are not specified in ...
CVE-2025-13454
A potential vulnerability was reported in ThinkPlus configuration software that could allow a local authenticated user to gain access to sensitive device information...
CVE-2025-13454
A potential vulnerability was reported in ThinkPlus configuration software that could allow a local authenticated user to gain access to sensitive device information...