Download
| Alert*
oval:org.secpod.oval:def:45544
Lenovo System Update is installed oval:org.secpod.oval:def:45648 The host is installed with Lenovo System Update before 5.06.0034 and is prone to a man-in-the-middle attack vulnerability. A flaw is present in the application, which fails to properly validate CA chains during signature validation. Successful exploitation could allow attackers to upload and execute ... oval:org.secpod.oval:def:45651 The host is installed with Lenovo System Update before 5.07.0019 and is prone to a temporary administrator account vulnerability. A flaw is present in the application, which allows local users to gain privileges by making a prediction of tvsu_tmp_xxxxxXXXXX account credentials that requires knowledg ... oval:org.secpod.oval:def:45652 The host is installed with Lenovo System Update before 5.07.0019 and is prone to a local privilege escalation vulnerability. A flaw is present in the application, which allows local users to gain privileges by navigating to (1) "Click here to learn more" or (2) "View privacy policy" within the Tvsuk ... oval:org.secpod.oval:def:45647 The host is installed with Lenovo System Update before 5.06.0034 and is prone to a race condition vulnerability. A flaw is present in the application, which fails to properly assign permissions to the update files directory. Successful exploitation could allow local users to gain privileges by writi ... oval:org.secpod.oval:def:45650 The host is installed with Lenovo System Update before 5.07.0013 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which improperly local users to submit commands to the System Update service. Successful exploitation could allow local users to gain privilege ... oval:org.secpod.oval:def:45653 The host is installed with Lenovo System Update before 3.14 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly validate the certificate when establishing an SSL connection. Successful exploitation could allow attackers to install ... oval:org.secpod.oval:def:45649 The host is installed with Lenovo System Update before 5.06.0034 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly generate security tokens. Successful exploitation could allow local users to gain privileges. oval:org.secpod.oval:def:45545 The host is installed with Lenovo System Update before 5.07.0072 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle very large user ID or password. Successful exploitation could allow attackers to cause undefined behaviors such as ar ... oval:org.secpod.oval:def:65645 The host is installed with Lenovo System Update before 5.07.0106 and is prone to a race condition vulnerability. A flaw is present in the application, which fails to properly handle unspecified vector. Successful exploitation could allow escalation of privilege. |