lenovo

488 tracked vulnerabilities.

CVE-2019-6184 HIGH
Lenovo Customer Engagement Service 2.0.21.1 - Local Privilege Escalation
Nov 20, 2019
CVSS 7.8
EPSS 0.00
CVE-2019-6176 HIGH
ThinkPad USB-C Dock Firmware 3.7.2 - Denial of Service
Nov 20, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-6188 CRITICAL
Lenovo ThinkPad T460p <R07ET90W/T470p <R0FET50W - Privilege Escalation
Nov 12, 2019
CVSS 9.8
EPSS 0.01
CVE-2019-6172 MEDIUM
Lenovo ThinkPad Firmware - Arbitrary Code Execution via SMI Callback Function
Nov 12, 2019
CVSS 6.4
EPSS 0.00
CVE-2019-6170 MEDIUM
Lenovo ThinkPad Firmware - Arbitrary Code Execution via SMI Callback Function
Nov 12, 2019
CVSS 6.4
EPSS 0.00
CVE-2019-6175 HIGH
Lenovo System Update < 5.07.0088 - Denial of Service via Configuration File Misplacement
Sep 26, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-6161 HIGH
ThinkAgile CP-SB <1908.M - Info Disclosure
Sep 26, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-6182 MEDIUM
Lenovo XClarity Administrator <2.5.0 - CSV Injection
Sep 03, 2019
CVSS 4.9
EPSS 0.01
CVE-2019-6181 MEDIUM
Lenovo XClarity Administrator < 2.5.0 - Reflected Cross-Site Scripting via Crafted URL
Sep 03, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-6180 MEDIUM
Lenovo XClarity Administrator < 2.5.0 - Stored Cross-Site Scripting
Sep 03, 2019
CVSS 4.8
EPSS 0.01
CVE-2019-6179 HIGH
Lenovo XClarity Administrator < 2.5.0 and XClarity Integrator < 6.1.0/< 7.7.0 - XML External Entity Injection
Sep 03, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-10724 MEDIUM
Dolby DAX2 API - Privilege Escalation
Aug 29, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-6177 CRITICAL
Lenovo Solution Center 03.12.003 - Exposure of Sensitive Information via Log File Misplacement
Aug 21, 2019
CVSS 9.8
EPSS 0.01
CVE-2019-6178 MEDIUM
Lenovo Iomega and LenovoEMC NAS - Information Disclosure via Personal Cloud API
Aug 19, 2019
CVSS 5.3
EPSS 0.01
CVE-2019-6171 MEDIUM
ThinkPad BIOS - Privilege Escalation
Aug 19, 2019
CVSS 6.8
EPSS 0.00
CVE-2019-6165 HIGH
Lenovo Yoga 700-11ISK/14ISK Firmware - Untrusted Search Path in PaperDisplay Hotkey Service
Aug 19, 2019
CVSS 7.8
EPSS 0.00
CVE-2019-6159 MEDIUM
Lenovo BladeCenter and System x IMM v1 - Unauthenticated Stored Cross-Site Scripting in Log Viewer
Aug 19, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-6160 HIGH
Iomega & LenovoEMC NAS - Info Disclosure
Jul 16, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-6169 HIGH
Lenovo Service Bridge < 4.1.0.1 - Unencrypted Sensitive Data Download via FTP
Jun 26, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-6168 CRITICAL
Lenovo Service Bridge < 4.1.0.1 - Remote Code Execution
Jun 26, 2019
CVSS 9.8
EPSS 0.02
CVE-2019-6167 CRITICAL
Lenovo Service Bridge < 4.1.0.1 - Remote Code Execution
Jun 26, 2019
CVSS 9.8
EPSS 0.02
CVE-2019-6166 HIGH
Lenovo Service Bridge < 4.1.0.1 - Cross-Site Request Forgery
Jun 26, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-6163 MEDIUM
Lenovo System Update < 5.07.0084 - Denial of Service via Service Log File Misplacement
Jun 26, 2019
CVSS 5.5
EPSS 0.01
CVE-2019-0164 HIGH
Intel Turbo Boost Max Technology 3.0 < 1.0.0.1035 - Authenticated Privilege Escalation via Installer Permissions
Jun 13, 2019
CVSS 7.3
EPSS 0.00
CVE-2019-0130 HIGH
Intel Rapid Storage Technology Enterprise < 5.5.0.2015 - Unauthenticated Reflected Cross-Site Scripting
Jun 13, 2019
CVSS 7.4
EPSS 0.02