lenovo

488 tracked vulnerabilities.

CVE-2022-1107 MEDIUM
Lenovo ThinkPad Firmware - Privilege Escalation via SMM Boot Services Handler
Apr 22, 2022
CVSS 6.7
EPSS 0.00
CVE-2022-0636 MEDIUM
Lenovo Thin Installer <1.3.0039 - DoS
Apr 22, 2022
CVSS 5.0
EPSS 0.00
CVE-2022-0354 HIGH
Lenovo System Update <2022-02-25 - Privilege Escalation
Apr 22, 2022
CVSS 7.3
EPSS 0.00
CVE-2022-0192 HIGH
Lenovo PCManager <4.0.40.2175 - Privilege Escalation
Apr 22, 2022
CVSS 7.3
EPSS 0.00
CVE-2021-42205 MEDIUM
ELAN Miniport <24.21.51.2 - Use After Free
Nov 07, 2022
CVSS 4.7
EPSS 0.00
CVE-2021-42852 HIGH
Lenovo Personal Cloud Storage A1/T1/X1/T2/T2Pro Firmware < 5.3.8.x1 - Authenticated OS Command Injection
May 18, 2022
CVSS 8.0
EPSS 0.01
CVE-2021-42851 MEDIUM
Lenovo Personal Cloud Storage A1/T1/X1/T2/T2Pro Firmware < 5.3.8 - Unauthenticated Account Creation
May 18, 2022
CVSS 6.3
EPSS 0.01
CVE-2021-42850 HIGH
Lenovo Personal Cloud Storage A1/T1/X1/T2/T2Pro Firmware - Use of Hard-coded Credentials
May 18, 2022
CVSS 8.8
EPSS 0.00
CVE-2021-42849 MEDIUM
Lenovo A1 Firmware < 5.3.6.a1 - Authentication Bypass
May 18, 2022
CVSS 6.8
EPSS 0.00
CVE-2021-42848 MEDIUM
Lenovo Personal Cloud Storage A1/T1/X1/T2/T2Pro Firmware < 5.3.8 - Unauthenticated Information Disclosure
May 18, 2022
CVSS 4.3
EPSS 0.01
CVE-2021-3969 HIGH
Lenovo System Interface Foundation < 1.1.20.3 - Privilege Escalation via TOCTOU Race Condition in IMController
May 18, 2022
CVSS 7.8
EPSS 0.02
CVE-2021-3956 MEDIUM
Lenovo XClarity Controller < 7.22_cdi382o - LDAP Auth Bypass (Unauthenticated Read-Only Access)
May 18, 2022
CVSS 4.3
EPSS 0.01
CVE-2021-3922 HIGH
Lenovo System Interface Foundation < 1.1.20.3 - Time-of-check Time-of-use Race Condition in IMController
May 18, 2022
CVSS 7.8
EPSS 0.02
CVE-2021-4212 MEDIUM
Lenovo Notebook - Privilege Escalation
Apr 22, 2022
CVSS 6.7
EPSS 0.00
CVE-2021-4211 MEDIUM
Lenovo Desktop/ThinkStation/ThinkEdge - Local Privilege Escalation
Apr 22, 2022
CVSS 6.7
EPSS 0.00
CVE-2021-4210 MEDIUM
Lenovo Desktop/ThinkStation/ThinkEdge - Local Privilege Escalation
Apr 22, 2022
CVSS 6.7
EPSS 0.00
CVE-2021-3972 MEDIUM
Lenovo Notebook BIOS - Privilege Escalation
Apr 22, 2022
CVSS 6.7
EPSS 0.03
CVE-2021-3971 MEDIUM
Lenovo Notebook < - Privilege Escalation
Apr 22, 2022
CVSS 6.7
EPSS 0.01
CVE-2021-3970 MEDIUM
Lenovo IdeaPad 3 Firmware - Authenticated Arbitrary Code Execution via LenovoVariable SMI Handler
Apr 22, 2022
CVSS 6.7
EPSS 0.01
CVE-2021-3897 CRITICAL
Lenovo Fan Power Controller2/FPC2 - Auth Bypass
Apr 22, 2022
CVSS 9.8
EPSS 0.01
CVE-2021-3849 CRITICAL
Lenovo Fan Power Controller2/FPC2 - Auth Bypass
Apr 22, 2022
CVSS 9.8
EPSS 0.01
CVE-2021-3722 MEDIUM
Lenovo PCManager <4.0.40.2175 - DoS
Apr 22, 2022
CVSS 5.0
EPSS 0.00
CVE-2021-3721 MEDIUM
Lenovo PCManager <4.0.20.10282 - DoS
Apr 22, 2022
CVSS 5.5
EPSS 0.00
CVE-2021-3843 MEDIUM
Lenovo ThinkPad Firmware - Authenticated Arbitrary Code Execution via SMI EEPROM Access
Nov 12, 2021
CVSS 6.7
EPSS 0.00
CVE-2021-3840 HIGH
Lenovo Antilles < 1.0.1 - Remote Code Execution via Dependency Confusion
Nov 12, 2021
CVSS 8.8
EPSS 0.02