477 matches found
Intel SSD Advisory - Lenovo Support US
Lenovo Security Advisory: LEN-30040 Potential Impact: Information disclosure Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2020-0527 Summary Description: Intel reported a potential security vulnerability in Intel Solid State Drive SSD products that may allow information...
Intel SSD Advisory - Lenovo Support US
No description provided...
Synology DiskStation Manager - smart.cgi Remote Command Execution Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule \d+&minor=?\d+&build=?\d+ &junior=\d+&unique=synology\w+?^&+/x.freeze def initializeinfo = super updateinfo info, 'Name' = 'Synology DiskStation...
CVE-2020-8959
Western Digital WesternDigitalSSDDashboardSetup.exe before 3.0.2.0 allows DLL Hijacking...
CVE-2020-8959
CVE-2020-8959 affects Western Digital WesternDigitalSSDDashboardSetup.exe prior to version 3.0.2.0 and is described as allowing DLL hijacking. The vulnerability arises from the installer’s handling of DLL loading, with impacts stated as high for confidentiality, integrity, and availability, and a...
CVE-2019-13467
Description: Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 applications are potentially vulnerable to man-in-the-middle attacks when the applications download resources from the Dashboard web service. This vulnerability may allow an attacker to substitute...
Design/Logic Flaw
Description: Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 applications are potentially vulnerable to man-in-the-middle attacks when the applications download resources from the Dashboard web service. This vulnerability may allow an attacker to substitute...
CVE-2019-13467
CVE-2019-13467 affects Western Digital SSD Dashboard and SanDisk SSD Dashboard prior to 2.5.1.0. The issue enables potential man-in-the-middle attacks when the dashboard web service resources are downloaded, allowing an attacker to substitute downloaded resources with arbitrary files. The connect...
CVE-2019-13467
Description: Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 applications are potentially vulnerable to man-in-the-middle attacks when the applications download resources from the Dashboard web service. This vulnerability may allow an attacker to substitute...
CVE-2019-13466
Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 have Incorrect Access Control. The “generate reports” archive is protected with a hard-coded password. An application update that addresses the protection of archive encryption is available...
Hardcoded credentials
Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 have Incorrect Access Control. The “generate reports” archive is protected with a hard-coded password. An application update that addresses the protection of archive encryption is available...
CVE-2019-13466
Concretely affected: Western Digital SSD Dashboard and SanDisk SSD Dashboard prior to version 2.5.1.0. Vulnerability: Incorrect access control where the generate reports archive is protected with a hard-coded password. Root cause: insufficient access restrictions for archive generation. Impact: p...
CVE-2019-13466
Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 have Incorrect Access Control. The “generate reports” archive is protected with a hard-coded password. An application update that addresses the protection of archive encryption is available...
PT-2019-14599
Name of the Vulnerable Software and Affected Versions OpenCV version 4.1.1 Description The issue is related to an out-of-bounds read in the hal baseline::v load function located in core/hal/intrin sse.hpp, which is called from computeSSDMeanNorm in modules/video/src/dis flow.cpp. Recommendations...
Intel SSD DC S4500/S4600 Series Vulnerability - US
Lenovo Security Advisory: LEN-28116 Potential Impact: Privilege escalation Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2018-18095 Summary Description: Intel has reported a potential security vulnerability in Intel Solid State Drives SSD for Data Centers DC S4500/S4600 Seri...
Intel SSD DC S4500/S4600 Series Vulnerability - Lenovo Support US
No description provided...
CVE-2018-18095
Improper authentication in firmware for IntelR SSD DC S4500 Series and IntelR SSD DC S4600 Series before SCV10150 may allow an unprivileged user to potentially enable escalation of privilege via physical access...
Authentication flaw
Improper authentication in firmware for IntelR SSD DC S4500 Series and IntelR SSD DC S4600 Series before SCV10150 may allow an unprivileged user to potentially enable escalation of privilege via physical access...
CVE-2018-18095
CVE-2018-18095 relates to Intel SSD DC S4500/S4600 Series firmware prior to SCV10150, with improper authentication that could let an unprivileged user escalate privileges via physical access. Connected sources (Red Hat, CNVD, CNVD/Lenovo pages, and Lenovo security advisory) corroborate the vulner...
CVE-2018-18095
Improper authentication in firmware for IntelR SSD DC S4500 Series and IntelR SSD DC S4600 Series before SCV10150 may allow an unprivileged user to potentially enable escalation of privilege via physical access...