Lucene search
K

173 matches found

SUSE CVE
SUSE CVE
added 2024/04/18 2:30 a.m.5 views

SUSE CVE-2024-26836

In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix password opcode ordering for workstations The Lenovo workstations require the password opcode to be run before the attribute value is changed if Admin password is enabled. Tested on some Thinkpads to...

4.3CVSS6.5AI score0.00231EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2024/04/17 5:30 p.m.29 views

CVE-2024-26836

In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix password opcode ordering for workstations The Lenovo workstations require the password opcode to be run before the attribute value is changed if Admin password is enabled. Tested on some Thinkpads to...

4.4CVSS7.4AI score0.00231EPSS
Exploits0References4
NVD
NVD
added 2024/04/17 10:15 a.m.28 views

CVE-2024-26836

In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix password opcode ordering for workstations The Lenovo workstations require the password opcode to be run before the attribute value is changed if Admin password is enabled. Tested on some Thinkpads to...

7.8CVSS7.5AI score0.00231EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/04/17 10:15 a.m.29 views

CVE-2024-26836

In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix password opcode ordering for workstations The Lenovo workstations require the password opcode to be run before the attribute value is changed if Admin password is enabled. Tested on some Thinkpads to...

7.8CVSS6.1AI score0.00231EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/04/17 10:10 a.m.20 views

CVE-2024-26836 platform/x86: think-lmi: Fix password opcode ordering for workstations

In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix password opcode ordering for workstations The Lenovo workstations require the password opcode to be run before the attribute value is changed if Admin password is enabled. Tested on some Thinkpads to...

7AI score0.00231EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/04/17 10:10 a.m.39 views

CVE-2024-26836 platform/x86: think-lmi: Fix password opcode ordering for workstations

In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix password opcode ordering for workstations The Lenovo workstations require the password opcode to be run before the attribute value is changed if Admin password is enabled. Tested on some Thinkpads to...

6.9AI score0.00231EPSS
Exploits0References3
CVE
CVE
added 2024/04/17 10:10 a.m.106 views

CVE-2024-26836

In CVE-2024-26836, the Linux kernel flaw lies in platform/x86 think-lmi where the password opcode ordering must occur before changing the attribute value for Lenovo workstations with Admin password enabled. The fix adjusts this order to address the issue (tested on some ThinkPads). The vulnerabil...

7.8CVSS6.8AI score0.00231EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/04/17 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a problem with the ordering of password opcodes on workstations...

7.8CVSS6.5AI score0.00231EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/03/22 12:0 a.m.7 views

The vulnerability of the BIOS software in Dell PowerEdge servers and Dell Precision Rack workstations allows a perpetrator to gain unauthorized access to protected information and compromise the system.

The vulnerability of Time-of-Check-Time-of-Use TOCTOU and race conditions in the microprogramming software of Dell PowerEdge server and Dell Precision Rack workstations’ BIOS is related to state management errors. Exploiting this vulnerability can allow attackers to gain unauthorized access to...

5.3CVSS5.9AI score0.00115EPSS
Exploits0References3Affected Software58
BDU FSTEC
BDU FSTEC
added 2024/03/14 12:0 a.m.9 views

The vulnerability of the microprogramming software in the BIOS of Dell PowerEdge servers and Dell Precision Rack workstations allows a intruder to gain unauthorized access to protected information.

The vulnerability of the BIOS software on Dell PowerEdge servers and Dell Precision Rack workstations relates to the writing of data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

3.8CVSS5.7AI score0.00203EPSS
Exploits0References2Affected Software123
BDU FSTEC
BDU FSTEC
added 2024/03/14 12:0 a.m.5 views

The vulnerability of the microprogramming software in the BIOS of Dell PowerEdge servers and Dell Precision Rack workstations allows a intruder to gain unauthorized access to protected information.

The vulnerability of the BIOS software on Dell PowerEdge servers and Dell Precision Rack workstations relates to the writing of data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

3.8CVSS5.7AI score0.00169EPSS
Exploits0References2Affected Software123
BDU FSTEC
BDU FSTEC
added 2024/03/11 12:0 a.m.5 views

The vulnerability of Dell PowerEdge 14G server and Dell Precision workstation microprogramming software relates to writing beyond the buffer boundaries, allowing an attacker to execute arbitrary code or escalate their privileges.

The vulnerability of Dell PowerEdge 14G server and Dell Precision workstation microprogramming software lies in the issue of writing beyond buffer boundaries. Exploiting this vulnerability allows an attacker to execute arbitrary code or gain increased privileges...

7.8CVSS7.8AI score0.0018EPSS
Exploits0References2Affected Software30
Exploit DB
Exploit DB
added 2024/02/26 12:0 a.m.492 views

IBM i Access Client Solutions v1.1.2 - 1.1.4, v1.1.4.3 - 1.1.9.4 - Remote Credential Theft

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/IBMIACCESSCLIENTREMOTECREDENTIALTHEFTCVE-2024-22318.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.ibm.com Product IBM i Access Client Solutions Versions All...

5.5CVSS5.5AI score0.00573EPSS
Exploits3
OSV
OSV
added 2024/02/14 11:15 p.m.3 views

CVE-2023-6138

A potential security vulnerability has been identified in the system BIOS for certain HP Workstation PCs, which might allow escalation of privilege, arbitrary code execution, or denial of service. HP is releasing mitigation for the potential vulnerability...

7.9CVSS5.9AI score0.00193EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2024/02/09 12:0 a.m.356 views

IBM i Access Client Solutions Remote Credential Theft

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/IBMIACCESSCLIENTREMOTECREDENTIALTHEFTCVE-2024-22318.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.ibm.com Product IBM i Access Client Solutions Versions All...

5.5CVSS7.4AI score0.00573EPSS
Exploits3
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/08 5:45 p.m.32 views

Security Bulletin: IBM i Access Client Solutions is vulnerable to remote credential theft when NTLM is enabled on Windows workstations

Summary IBM i Access Client Solutions ACS is vulnerable to remote credential theft when NT LAN Manager NTLM is enabled on Windows workstations CVE-2024-22318. Since IBM i Access Client solutions allows Universal Naming Convention UNC paths in its configuration files, if a path is modified to poin...

5.5CVSS5.1AI score0.00573EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/14 1:29 p.m.9 views

Security Bulletin: WebSphere Application Server Liberty is vulnerable to denial of service (CVE-2023-38737)

Summary IBM Spectrum Protect for Workstations Central Administration Console requires the dependent product IBM WebSphere Application Server Liberty. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Refer to t...

7.5CVSS6.4AI score0.00792EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/13 3:29 p.m.61 views

Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to a privilege escalation due to RESTEasy (CVE-2023-0482)

Summary IBM Spectrum Protect for Workstations Central Administration Console requires the dependent product IBM WebSphere Application Server Liberty. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Refer to t...

5.5CVSS5.5AI score0.00819EPSS
Exploits0Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 5:35 a.m.6 views

SUSE CVE-2013-4958

Puppet Enterprise before 3.0.1 does not use a session timeout, which makes it easier for attackers to gain privileges by leveraging an unattended workstation...

6.9CVSS6.9AI score0.00382EPSS
Exploits0References3
NVD
NVD
added 2023/02/01 7:15 a.m.25 views

CVE-2021-3439

HP has identified a potential vulnerability in BIOS firmware of some Workstation products. Firmware updates are being released to mitigate these potential vulnerabilities...

7.8CVSS7.6AI score0.00174EPSS
Exploits0References1
Rows per page
Query Builder