1255 matches found
CVE-2021-4212
CVE-2021-4212 describes a local-privilege escalation vulnerability in the SMI callback function used by the Legacy BIOS mode driver on some Lenovo Notebook models. The issue could allow an attacker with local access and elevated privileges to execute arbitrary code. The affected component is the ...
CVE-2021-4212
A potential vulnerability in the SMI callback function used in the Legacy BIOS mode driver in some Lenovo Notebook models may allow an attacker with local access and elevated privileges to execute arbitrary code...
CVE-2021-3972
A potential vulnerability by a driver used during manufacturing process on some consumer Lenovo Notebook devices' BIOS that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable...
CVE-2021-3971
CVE-2021-3971 concerns a Lenovo UEFI/BIOS issue where a driver intended for use during manufacturing was mistakenly included in production images. This could allow an attacker with elevated privileges to modify the firmware protection region by altering an NVRAM variable, enabling persistence or ...
CVE-2021-3971
A potential vulnerability by a driver used during older manufacturing processes on some consumer Lenovo Notebook devices that was mistakenly included in the BIOS image could allow an attacker with elevated privileges to modify firmware protection region by modifying an NVRAM variable...
CVE-2021-3970
CVE-2021-3970 applies to Lenovo notebook firmware. The issue is a memory corruption in the LenovoVariable SMI Handler caused by insufficient validation, potentially allowing a local attacker with elevated privileges to execute arbitrary code in BIOS/SMM. Lenovo and advisories note affected models...
Lenovo Notebook BIOS Vulnerabilities - Lenovo Support US
No description provided...
Lenovo Notebook 安全漏洞
Lenovo Notebook is a laptop computer from Lenovo, a Chinese company. A security vulnerability exists in the Lenovo Notebook that stems from a driver error used during legacy manufacturing and was incorrectly included in the BIOS image. A local privileged user can modify the firmware protection ar...
Lenovo Notebook 安全漏洞
Lenovo Notebook is a laptop computer from Lenovo, a Chinese company. A security vulnerability exists in Lenovo Notebook that originates from the use of an incorrect driver that is incorrectly not deactivated. A local privileged user can modify the secure boot settings and bypass the implemented...
Lenovo Notebook 输入验证错误漏洞
Lenovo Notebook is a laptop computer from Lenovo, a Chinese company. The Lenovo Notebook suffers from an input validation error vulnerability that exists due to insufficient validation of user-supplied input in the LenovoVariable SMI handler. A local user can run a specially crafted program to...
3deecelltracker (=1.0.0), abracadabra (>=0.0.0 <=0.0.7) +92 more potentially affected by CVE-2022-24758 via notebook (>=4.2.3 <=6.4.1)
notebook PYPI version =4.2.3, =0.0.0, =1.0.0, =1.0.0, =0.1.1, =1.0.1, =1.0.1, =0.0.2a0, =1.0.0, =0.3.4, =0.1.0rc1, =0.0.1, =0.1.3, =0.2.4 and more Source cves: CVE-2022-24758 Source advisory: OSV:GHSA-M87F-39Q9-6F55...
The vulnerability of the Caja component in the Jupyter Notebook document creation environment allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the Caja component in the Jupyter Notebook document creation environment is related to improper filtering of special symbols. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures...
CVE-2022-24758
The Jupyter notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.9, unauthorized actors can access sensitive information from server logs. Anytime a 5xx error is triggered, the auth cookie and other header values are recorded in Jupyter server logs by...
DEBIAN-CVE-2022-24758
The Jupyter notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.9, unauthorized actors can access sensitive information from server logs. Anytime a 5xx error is triggered, the auth cookie and other header values are recorded in Jupyter server logs by...
Code injection
The Jupyter notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.9, unauthorized actors can access sensitive information from server logs. Anytime a 5xx error is triggered, the auth cookie and other header values are recorded in Jupyter server logs by...
UBUNTU-CVE-2022-24758
The Jupyter notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.9, unauthorized actors can access sensitive information from server logs. Anytime a 5xx error is triggered, the auth cookie and other header values are recorded in Jupyter server logs by...
3deecelltracker (=1.0.0), abracadabra (>=0.0.0 <=0.0.7) +92 more potentially affected by CVE-2022-24758 via notebook (>=4.2.3 <=6.4.1)
notebook PYPI version =4.2.3, =0.0.0, =1.0.0, =1.0.0, =0.1.1, =1.0.1, =1.0.1, =0.0.2a0, =1.0.0, =0.3.4, =0.1.0rc1, =0.0.1, =0.1.3, =0.2.4 and more Source cves: CVE-2022-24758 Source advisory: OSV:PYSEC-2022-180...
CVE-2022-24758
The Jupyter notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.9, unauthorized actors can access sensitive information from server logs. Anytime a 5xx error is triggered, the auth cookie and other header values are recorded in Jupyter server logs by...
PYSEC-2022-180
The Jupyter notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.9, unauthorized actors can access sensitive information from server logs. Anytime a 5xx error is triggered, the auth cookie and other header values are recorded in Jupyter server logs by...
PYSEC-2022-180
The Jupyter notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.9, unauthorized actors can access sensitive information from server logs. Anytime a 5xx error is triggered, the auth cookie and other header values are recorded in Jupyter server logs by...