CVE-2021-3969

TOCTOU vulnerability CVE-2021-3969 affects Lenovo System Interface Foundation’s IMController before version 1.1.20.3, enabling local privilege elevation due to a race condition in Time of Check/Time of Use. Impact is local privilege escalation with partial confidentiality/integrity/availability i...

CVE-2021-3969

A Time of Check Time of Use TOCTOU vulnerability was reported in IMController, a software component of Lenovo System Interface Foundation, prior to version 1.1.20.3that could allow a local attacker to elevate privileges...

CVE-2021-3922

A race condition vulnerability was reported in IMController, a software component of Lenovo System Interface Foundation, prior to version 1.1.20.3 that could allow a local attacker to connect and interact with the IMController child process' named pipe...

CVE-2021-3922

CVE-2021-3922 affects Lenovo System Interface Foundation’s IMController, where a race condition in the IMController process enables a local attacker to interact with the IMController child process via its named pipe. The vulnerability is associated with versions prior to 1.1.20.3. Impact is descr...

The vulnerability of the IMController component, which is part of the system services, drivers, and additional modules of the Lenovo System Interface Foundation, allows attackers to escalate their privileges.

The vulnerability of the IMController component, which is part of the system services, drivers, and additional modules of the Lenovo System Interface Foundation, stems from a “race condition”. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the IMController component, which is part of the system services, drivers, and additional modules of the Lenovo System Interface Foundation, allows attackers to escalate their privileges.

The vulnerability of the IMController component, which is part of the system services, drivers, and additional modules of the Lenovo System Interface Foundation, stems from a “race condition”. Exploiting this vulnerability can allow an attacker to increase their privileges...

[SECURITY] Fedora 34 Update: perl-Encode-3.12-460.fc34

The Encode module provides the interface between Perl strings and the rest of the system. Perl strings are sequences of characters...

The vulnerability of the File System API interface in the Google Chrome web browser allows a hacker to circumvent existing security restrictions.

The vulnerability of the File System API interface in the Google Chrome web browser is related to deficiencies in authentication procedures. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions remotely...

The vulnerability of the File System API interface in the Google Chrome web browser allows a hacker to circumvent existing security restrictions.

The vulnerability of the File System API interface in the Google Chrome web browser is related to deficiencies in authentication procedures. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions remotely...

DEBIAN-CVE-2021-21141

Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass file extension policy via a crafted HTML page...

Google Chrome Backlink Vulnerability

Google Chrome is a web browser from Google, Inc. in the United States. A backlink vulnerability previously existed in Google Chromium version 88.0.4324.96, which stemmed from the discovery of insufficient policy enforcement security in the program's file system API component...

Lenovo Vantage HardwareScan Plugin Vulnerability - Lenovo Support US

Lenovo Security Advisory: LEN-44421 Potential Impact: Privilege escalation Severity: High Scope of Impact: Lenovo-specific CVE Identifier: CVE-2020-8345 Summary Description: A DLL search path vulnerability was reported in the Lenovo HardwareScan Plugin for the Lenovo Vantage hardware scan feature...

Lenovo Vantage HardwareScan Plugin Vulnerability - Lenovo Support US

No description provided...

CVE-2020-8346

A denial of service vulnerability was reported in the Lenovo Vantage component called Lenovo System Interface Foundation prior to version 1.1.19.5 that could allow configuration files to be written to non-standard locations...

Denial of service

A denial of service vulnerability was reported in the Lenovo Vantage component called Lenovo System Interface Foundation prior to version 1.1.19.5 that could allow configuration files to be written to non-standard locations...

Lenovo Vantage Vulnerability - Lenovo Support US

No description provided...

Lenovo System Interface Foundation Input Validation Error Vulnerability

Lenovo System Interface Foundation is a set of software from Lenovo, a Chinese company, for communicating with hardware devices. An input validation error vulnerability exists in Lenovo System Interface Foundation. An attacker could exploit this vulnerability to execute an unsigned DLL file...

Unspecified Vulnerability in Lenovo System Interface Foundation

Lenovo System Interface Foundation is a set of software from Lenovo, a Chinese company, for communicating with hardware devices. An unspecified vulnerability exists in Lenovo System Interface Foundation. An attacker could use this vulnerability to elevate privileges and execute code...

Unspecified Vulnerability in Lenovo System Interface Foundation (CNVD-2020-27278)

Lenovo System Interface Foundation is a set of software from Lenovo, a Chinese company, for communicating with hardware devices. An unspecified vulnerability exists in Lenovo System Interface Foundation. An attacker could use this vulnerability to elevate privileges and execute code...

Lenovo System Interface Foundation Code Issue Vulnerability

Lenovo System Interface Foundation is a set of software from Lenovo, a Chinese company, for communicating with hardware devices. A code issue vulnerability exists in Lenovo System Interface Foundation. An attacker could use this vulnerability to elevate privileges and execute code...