CVE-2020-4552

CVE-2020-4552 affects IBM i2 Analyst’s Notebook 9.2.1 (and related IBM i2 products) and is caused by a memory corruption vulnerability that could allow a local attacker to execute arbitrary code by persuading a user to open a specially crafted file. The CVSS-derived assessments in the sources cit...

CVE-2020-4551

CVE-2020-4551 affects IBM i2 Analyst’s Notebook and IBM i2 Analyst’s Notebook Premium (versions 9.2.1 and 9.2.2). The issue is a memory corruption weakness that could allow a local attacker to execute arbitrary code by convincing a user to open a specially crafted file. IBM’s bulletin confirms me...

CVE-2020-4551

IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force I...

CVE-2020-4553

IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force I...

CVE-2020-4553

CVE-2020-4553 affects IBM i2 Analyst’s Notebook 9.2.1 and 9.2.2. The issue is a memory corruption in the product that could allow a local attacker to execute arbitrary code by convincing a user to open a specially crafted file. The IBM advisory notes that fixes were applied in the latest update p...

CVE-2020-4552

IBM i2 Analyst Notebook 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 183320...

CVE-2020-4550

IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force I...

CVE-2020-4549

IBM i2 Analyst Notebook 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 183317...

CVE-2020-4550

IBM i2 Analyst’s Notebook 9.2.1 and 9.2.2 are affected by a memory corruption vulnerability that could allow a local attacker to execute arbitrary code by convincing a user to open a specially-crafted file. The issue is documented in IBM’s security bulletin and tied to CVE-2020-4550. Root cause: ...

CVE-2020-4549

CVE-2020-4549 affects IBM i2 Analyst’s Notebook 9.2.1 (and IBM i2 Analyst’s Notebook Premium 9.2.1). The vulnerability is caused by memory corruption, allowing a local attacker to execute arbitrary code by convincing a user to open a specially crafted file. IBM’s bulletin notes the fix was applie...

Lenovo System Lock Preinstallation driver Arbitrary Code Execution Vulnerability

Lenovo System Lock Preinstallation driver is a System Lock Preinstallation SLP driver from Lenovo China. A security vulnerability exists in the SMI callback function in the Lenovo System Lock Preinstallation driver Notebook and ThinkStation series. An attacker could exploit the vulnerability to...

CVE-2020-8323

A potential vulnerability in the SMI callback function used in the Legacy SD driver in some Lenovo ThinkPad, ThinkStation, and Lenovo Notebook models may allow arbitrary code execution...

Code injection

A potential vulnerability in the SMI callback function used in the Legacy USB driver in some Lenovo Notebook and ThinkStation models may allow arbitrary code execution...

Code injection

A potential vulnerability in the SMI callback function used in the Legacy SD driver in some Lenovo ThinkPad, ThinkStation, and Lenovo Notebook models may allow arbitrary code execution...

CVE-2020-8323

The CVE-2020-8323 issue affects Lenovo systems (ThinkPad/ThinkStation/Lenovo Notebook) via a vulnerability in the SMI callback function used by the Legacy SD driver. The underlying flaw could allow arbitrary code execution on affected devices. Public details identify the vulnerable component as t...

CVE-2020-8321

Lenovo System Lock Preinstallation driver contains an SMI callback vulnerability in the System Lock Preinstallation (SLP) driver affecting Lenovo Notebook and ThinkStation models, potentially allowing arbitrary code execution via the SMI handler. The issue (CVE-2020-8321) is documented with Lenov...

CVE-2020-8321

A potential vulnerability in the SMI callback function used in the System Lock Preinstallation driver in some Lenovo Notebook and ThinkStation models may allow arbitrary code execution...

CVE-2020-8322

A potential vulnerability in the SMI callback function used in the Legacy USB driver in some Lenovo Notebook and ThinkStation models may allow arbitrary code execution...

CVE-2020-8322

CVE-2020-8322 affects Lenovo Notebook and ThinkStation systems, where a vulnerability in the SMI callback function used by the Legacy USB driver could allow arbitrary code execution. The issue is tied to the Legacy USB driver’s SMI handling, with potential impact described as arbitrary code execu...

CVE-2020-1192

A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads workspace settings from a notebook file, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1171...