5 matches found
EUVD-2017-12860
Malware in sbrugna...
Command injection
If multiple users are concurrently logged into a single system where one user is sending a command via the Lenovo ToolsCenter Advanced Settings Utility ASU, UpdateXpress System Pack Installer UXSPI or Dynamic System Analysis DSA to a second machine, the other users may be able to see the user ID...
Credentials sent through the Lenovo ToolsCenter may be exposed to local users - us
Lenovo Security Advisory: LEN-10810 Potential Impact: Sensitive information disclosure Severity: Medium Scope of Impact: Lenovo specific CVE Identifier: CVE-2017-3743 Summary Description: If multiple users are concurrently logged into a single system where one user is sending a command via the...
CVE-2014-4835
IBM ServerGuide before 9.63, UpdateXpress System Packs Installer UXSPI before 9.63, and ToolsCenter Suite before 9.63 place credentials in logs, which allows local users to obtain sensitive information by reading a file...
CVE-2014-4835
IBM ServerGuide before 9.63, UpdateXpress System Packs Installer UXSPI before 9.63, and ToolsCenter Suite before 9.63 place credentials in logs, which allows local users to obtain sensitive information by reading a file...