Lucene search
+L

244 matches found

Cvelist
Cvelist
added 2023/08/23 7:43 p.m.28 views

CVE-2022-3744

A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to unlock UEFI variables due to a hard-coded SMI handler credential...

6.7CVSS6.6AI score0.00168EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/08/23 7:42 p.m.13 views

CVE-2022-3743

A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges under certain conditions the ability to enumerate Embedded Controller EC commands...

4.4CVSS6.6AI score0.00175EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2023/08/23 11:44 a.m.46 views

Agile Approach to Mass Cloud Credential Harvesting and Crypto Mining Sprints Ahead

Developers are not the only people who have adopted the agile methodology for their development processes. From 2023-06-15 to 2023-07-11, Permiso Security's p0 Labs team identified and tracked an attacker developing and deploying eight 8 incremental iterations of their credential harvesting malwa...

7.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2023/08/23 12:0 a.m.6 views

PT-2023-13537 · Lenovo · Lcfc Bios

Name of the Vulnerable Software and Affected Versions: LCFC BIOS affected versions not specified Description: A potential issue was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to execute arbitrary code due to improper...

6.7CVSS6.8AI score0.00189EPSS
Exploits0References4
OSV
OSV
added 2023/08/17 5:15 p.m.7 views

CVE-2023-4028

A buffer overflow has been identified in the SystemUserMasterHddPwdDxe driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code...

6.7CVSS6.3AI score0.00184EPSS
Exploits0References1
OSV
OSV
added 2023/08/17 5:15 p.m.6 views

CVE-2023-34419

A buffer overflow has been identified in the SetupUtility driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code...

6.7CVSS6.3AI score
Exploits0References1
CNNVD
CNNVD
added 2023/08/11 12:0 a.m.6 views

Intel AI Hackathon Code Issues Vulnerabilities

Intel AI Hackathon is the AI Hackathon repository from Intel Corporation USA, which contains notebooks and tutorials referenced at Intel AI Hackathon events. A security vulnerability exists in versions prior to Intel AI Hackathon 2.0.0. An attacker exploiting the vulnerability could elevate...

8.8CVSS6.7AI score0.00522EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/05/29 12:0 a.m.7 views

The vulnerability of the driver for configuring WMI microprogramming systems in Lenovo laptops allows a hacker to modify security loading parameters through the NVRAM variable.

The vulnerability of the WMI driver for Lenovo notebook microprogramming systems is related to errors in the use of standard permissions. Exploiting this vulnerability allows an attacker to modify security boot parameters through the NVRAM variable...

6.8CVSS6.9AI score0.00257EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/04/10 12:0 a.m.7 views

The vulnerability of the BIOS microprogramming system in ThinkPad notebooks allows a hacker to execute arbitrary code.

The vulnerability of the BIOS microprogramming system in ThinkPad notebooks exists due to insufficient checking of input data in the SMI handler. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

5.9CVSS7AI score0.00189EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/03/07 12:0 a.m.6 views

PT-2023-13540 · Lenovo · Lcfc Bios

Name of the Vulnerable Software and Affected Versions: LCFC BIOS affected versions not specified Description: A potential issue was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to view incoming and returned data from...

4.4CVSS4.4AI score0.00175EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2023/02/28 5:54 a.m.42 views

CVE-2023-0923

A flaw was found in the Kubernetes service for notebooks in RHODS, where it does not prevent pods from other namespaces and applications from making requests to the Jupyter API. This flaw can lead to file content exposure and other issues...

9.8CVSS1.9AI score0.00937EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/02/28 12:0 a.m.9 views

PT-2023-2053 · Rhods · Rhods

Name of the Vulnerable Software and Affected Versions: RHODS affected versions not specified Description: A flaw was found in the Kubernetes service for notebooks in RHODS, where it does not prevent pods from other namespaces and applications from making requests to the Jupyter API. This flaw can...

9.8CVSS7.1AI score0.00937EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2023/02/15 5:17 a.m.5 views

SUSE CVE-2015-4707

Cross-site scripting XSS vulnerability in IPython before 3.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving JSON error messages and the /api/notebooks path...

6.1CVSS6AI score0.01762EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:22 a.m.3 views

SUSE CVE-2018-19351

Jupyter Notebook before 5.7.1 allows XSS via an untrusted notebook because nbconvert responses are considered to have the same origin as the notebook server. In other words, nbconvert endpoints can execute JavaScript with access to the server API. In notebook/nbconvert/handlers.py,...

6.1CVSS6.2AI score0.01511EPSS
Exploits0References3
OSV
OSV
added 2023/01/26 9:15 p.m.4 views

CVE-2022-1892

A buffer overflow in the SystemBootManagerDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code...

7.8CVSS6.3AI score0.00342EPSS
Exploits0References1
OSV
OSV
added 2023/01/26 9:15 p.m.8 views

CVE-2022-1891

A buffer overflow in the SystemLoadDefaultDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code...

7.8CVSS6.3AI score0.00342EPSS
Exploits0References1
NVD
NVD
added 2023/01/26 9:15 p.m.32 views

CVE-2022-1891

A buffer overflow in the SystemLoadDefaultDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code...

7.8CVSS7.3AI score0.00342EPSS
Exploits0References1
OSV
OSV
added 2023/01/26 9:15 p.m.3 views

CVE-2022-1890

A buffer overflow in the ReadyBootDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code...

7.8CVSS6.3AI score0.00342EPSS
Exploits0References1
OSV
OSV
added 2023/01/23 5:15 p.m.8 views

CVE-2022-3430

A potential vulnerability in the WMI Setup driver on some consumer Lenovo Notebook devices may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable...

6.7CVSS5.8AI score0.00257EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/01/23 3:18 p.m.5 views

CVE-2022-1890

A buffer overflow in the ReadyBootDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code...

6.7CVSS8AI score0.00342EPSS
Exploits0References1
Rows per page
Query Builder