Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / lenovo

lenovo

482 tracked vulnerabilities.

CVE-2019-6161 HIGH

ThinkAgile CP-SB <1908.M - Info Disclosure

CVE-2019-6182 MEDIUM

Lenovo XClarity Administrator <2.5.0 - CSV Injection

CVE-2019-6181 MEDIUM

Lenovo XClarity Administrator < 2.5.0 - Reflected Cross-Site Scripting via Crafted URL

CVE-2019-6180 MEDIUM

Lenovo XClarity Administrator < 2.5.0 - Stored Cross-Site Scripting

CVE-2019-6179 HIGH

Lenovo XClarity Administrator < 2.5.0 and XClarity Integrator < 6.1.0/< 7.7.0 - XML External Entity Injection

CVE-2019-10724 MEDIUM

Dolby DAX2 API - Privilege Escalation

CVE-2019-6177 CRITICAL

Lenovo Solution Center 03.12.003 - Exposure of Sensitive Information via Log File Misplacement

CVE-2019-6178 MEDIUM

Lenovo Iomega and LenovoEMC NAS - Information Disclosure via Personal Cloud API

CVE-2019-6171 MEDIUM

ThinkPad BIOS - Privilege Escalation

CVE-2019-6165 HIGH

Lenovo Yoga 700-11ISK/14ISK Firmware - Untrusted Search Path in PaperDisplay Hotkey Service

CVE-2019-6159 MEDIUM

Lenovo BladeCenter and System x IMM v1 - Unauthenticated Stored Cross-Site Scripting in Log Viewer

CVE-2019-6160 HIGH

Iomega & LenovoEMC NAS - Info Disclosure

CVE-2019-6169 HIGH

Lenovo Service Bridge < 4.1.0.1 - Unencrypted Sensitive Data Download via FTP

CVE-2019-6168 CRITICAL

Lenovo Service Bridge < 4.1.0.1 - Remote Code Execution

CVE-2019-6167 CRITICAL

Lenovo Service Bridge < 4.1.0.1 - Remote Code Execution

CVE-2019-6166 HIGH

Lenovo Service Bridge < 4.1.0.1 - Cross-Site Request Forgery

CVE-2019-6163 MEDIUM

Lenovo System Update < 5.07.0084 - Denial of Service via Service Log File Misplacement

CVE-2019-0164 HIGH

Intel Turbo Boost Max Technology 3.0 < 1.0.0.1035 - Authenticated Privilege Escalation via Installer Permissions

CVE-2019-0130 HIGH

Intel Rapid Storage Technology Enterprise < 5.5.0.2015 - Unauthenticated Reflected Cross-Site Scripting

CVE-2019-6158 HIGH

Lenovo XClarity Administrator 2.0.0-2.3.x - Sensitive Information Disclosure in Log File

CVE-2019-6157 MEDIUM

Lenovo Flex System and System x Firmware < 5.30 - Sensitive Information Exposure via IMM2 FFDC Log

CVE-2019-6156 LOW

Lenovo 510-15IKL and other Ideacentre/Legion Firmware - Improper Locking in SPI Protected Range Registers

CVE-2019-6154 MEDIUM

Lenovo Bootable Generator < Mar-2019 - Untrusted Search Path

CVE-2019-6149 MEDIUM

Lenovo Dynamic Power Reduction Utility <2.2.2.0 - Code Injection

CVE-2019-0135 HIGH

Intel RSTe < 5.5.0.2015 - Authenticated Privilege Escalation via Installer Permissions

Previous Page 14 of 20 Next

Products

thinkcentre_m625q_firmware 28 ideacentre_5-14iob6_firmware 27 ideacentre_g5-14imb05_firmware 27 ideacentre_gaming_5-14iob6_firmware 27 thinkcentre_m75n_firmware 27 v50t-13imb_firmware 27 xclarity_administrator 27 ideacentre_3-07imb05_firmware 26 ideacentre_c5-14imb05_firmware 26 ideacentre_creator_5-14iob6_firmware 26 thinkcentre_m75s_gen_2_firmware 26 thinkcentre_m75t_gen_2_firmware 26 v30a-22iml_firmware 26 v50s-07imb_firmware 26 ideacentre_3-07ada05_firmware 25 ideacentre_g5-14amr05_firmware 25 legion_t7-34imz5_firmware 25 thinkcentre_m70c_firmware 25 thinkcentre_m70q_firmware 25 thinkcentre_m80q_firmware 25 thinkcentre_m80s_firmware 25 thinkcentre_m80t_firmware 25 thinkcentre_m90a_firmware 25 thinkcentre_m90q_tiny_firmware 25 thinkcentre_m90s_firmware 25 thinkedge_se30_firmware 25 v30a-24iml_firmware 25 v50a-22imb_firmware 25 v50a-24imb_firmware 25 v55t_gen_2_13acn_firmware 25

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy