13 matches found
CVE-2024-33582
A DLL hijack vulnerability was reported in Lenovo Service Framework that could allow a local attacker to execute code with elevated privileges...
Command Execution Vulnerability in dubbo 2.7.12
dubbo is a high-performance service framework. A command execution vulnerability exists in dubbo 2.7.12, which can be exploited by an attacker to gain control of the server...
Command execution vulnerability in dubbo 2.7.12 (CNVD-2021-44689)
dubbo is a high-performance service framework. A command execution vulnerability exists in dubbo 2.7.12, which can be exploited by an attacker to gain control of the server...
Command execution vulnerability in dubbo 2.7.12 (CNVD-2021-44687)
dubbo is a high-performance service framework. A command execution vulnerability exists in dubbo 2.7.12, which can be exploited by an attacker to gain control of the server...
Command execution vulnerability in dubbo 2.7.12 (CNVD-2021-44686)
dubbo is a high-performance service framework. A command execution vulnerability exists in dubbo 2.7.12, which can be exploited by an attacker to gain control of the server...
CVE-2017-3759
The Lenovo Service Framework Android application accepts some responses from the server without proper validation. This exposes the application to man-in-the-middle attacks leading to possible remote code execution...
CVE-2017-3758
Improper access controls on several Android components in the Lenovo Service Framework application can be exploited to enable remote code execution...
CVE-2017-3759
The Lenovo Service Framework Android application accepts some responses from the server without proper validation. This exposes the application to man-in-the-middle attacks leading to possible remote code execution...
CVE-2017-3761
The Lenovo Service Framework Android application executes some system commands without proper sanitization of external input. In certain cases, this could lead to command injection which, in turn, could lead to remote code execution...
CVE-2017-3758
CVE-2017-3758 affects Lenovo Service Framework (LSF) Android components. The vulnerability stems from improper access controls in Android components within LSF, allowing remote code execution. Public sources detail that LSF is an Android framework used to receive push notifications on Lenovo devi...
CVE-2017-3759
The CVE-2017-3759 issue affects the Lenovo Service Framework (LSF) Android application used on Lenovo tablets and select phones. The root cause is that LSF accepts some server responses without proper validation, exposing the app to man-in-the-middle attacks and potential remote code execution. P...
CVE-2017-3760
The CVE-2017-3760 entry concerns the Lenovo Service Framework Android application that uses a set of nonsecure credentials during integrity verification of downloaded apps/data, enabling a Man-in-the-Middle scenario and potential remote code execution. Multiple sources (CNVD, NVD, CVE list, LEN a...
CVE-2017-3761
The CVE-2017-3761 entry concerns the Lenovo Service Framework (LSF) Android application, where the component executes system commands with insufficient input sanitization, enabling command injection and remote code execution. Affected scope includes Lenovo Android tablets and certain VIBE/ZUK/Mot...