lenovo

482 tracked vulnerabilities.

CVE-2018-16098 HIGH
Lenovo Synaptics ThinkPad UltraNav Driver - Unquoted Search Path
Jan 24, 2019
CVSS 7.8
EPSS 0.00
CVE-2018-9072 MEDIUM
Lenovo XClarity Integrator < 5.5 - Authenticated Arbitrary File Read via File Download
Nov 30, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-16097 MEDIUM
Lenovo XClarity Integrator < 3.5 and < 5.5 - Authenticated Arbitrary File Write via Certificate Upload
Nov 30, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-16093 MEDIUM
Lenovo XClarity Integrator < 5.5 - Authenticated Arbitrary File Write via Backup File Upload
Nov 30, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-9084 MEDIUM
System Management Module <1.06 - Privilege Escalation
Nov 27, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-9083 HIGH
Lenovo System Management Module Firmware < 1.06 - Use of Hard-coded Credentials
Nov 27, 2018
CVSS 8.1
EPSS 0.00
CVE-2018-16096 MEDIUM
Lenovo System Management Module Firmware < 1.06 - Cross-Site Scripting in Enclosure VPD Input
Nov 27, 2018
CVSS 6.1
EPSS 0.00
CVE-2018-16095 MEDIUM
Lenovo System Management Module Firmware < 1.06 - Sensitive Information Disclosure via Debug Log
Nov 27, 2018
CVSS 5.9
EPSS 0.00
CVE-2018-16094 HIGH
Lenovo System Management Module Firmware < 1.06 - Buffer Overflow in Configuration Settings Retrieval
Nov 27, 2018
CVSS 8.1
EPSS 0.01
CVE-2018-16092 HIGH
System Management Module <1.06 - Info Disclosure
Nov 27, 2018
CVSS 8.1
EPSS 0.00
CVE-2018-16091 HIGH
Lenovo System Management Module Firmware < 1.06 - Buffer Overflow in Certificate Creation and Parsing Logic
Nov 27, 2018
CVSS 8.1
EPSS 0.00
CVE-2018-16090 HIGH
Lenovo System Management Module Firmware < 1.06 - Authenticated OS Command Injection
Nov 27, 2018
CVSS 7.5
EPSS 0.01
CVE-2018-16089 HIGH
Lenovo System Management Module Firmware < 1.06 - Authenticated OS Command Injection via Firmware Update Image Header
Nov 27, 2018
CVSS 7.5
EPSS 0.01
CVE-2018-9086 HIGH
Lenovo ThinkServer RD340/RD440/RD640/TD340 Firmware - Authenticated OS Command Injection via BMC Firmware Download
Nov 16, 2018
CVSS 7.2
EPSS 0.02
CVE-2018-9085 MEDIUM
Lenovo and IBM System x Servers - Unprotected Flash Memory Modification via Unset Write Protection Lock Bit
Nov 16, 2018
CVSS 4.9
EPSS 0.00
CVE-2018-9073 MEDIUM
Lenovo Chassis Management Module Firmware < 2.0.0 - Use of Hard-coded Encryption Key
Nov 16, 2018
CVSS 5.9
EPSS 0.00
CVE-2018-9071 MEDIUM
Lenovo Chassis Management Module Firmware < 2.0.0 - Unauthenticated Exposure of Authentication Configuration Settings
Nov 16, 2018
CVSS 5.3
EPSS 0.00
CVE-2018-9069 MEDIUM
HP 310s-14isk Firmware < 1.15 - Authenticated BIOS Flash Race Condition
Oct 02, 2018
CVSS 5.9
EPSS 0.00
CVE-2018-9082 HIGH
Iomega LenovoEMC NAS <4.1.402.34662 - Privilege Escalation
Sep 28, 2018
CVSS 8.8
EPSS 0.00
CVE-2018-9081 MEDIUM
Lenovo Iomega/EMC NAS < 4.1.402.34662 - Stored Cross-Site Scripting via Content Viewer File Rename
Sep 28, 2018
CVSS 4.7
EPSS 0.00
CVE-2018-9080 MEDIUM
Lenovo StorCenter and EMC NAS Firmware - Session Fixation via Iomega Cookie
Sep 28, 2018
CVSS 5.9
EPSS 0.00
CVE-2018-9079 CRITICAL
Lenovo StorCenter and EMC NAS Firmware - Stored Cross-Site Scripting via DOM Manipulation
Sep 28, 2018
CVSS 9.8
EPSS 0.01
CVE-2018-9078 HIGH
Lenovo Iomega and LenovoEMC NAS <= 4.1.402.34662 - Stored Cross-Site Scripting via SVG Upload
Sep 28, 2018
CVSS 8.8
EPSS 0.00
CVE-2018-9077 HIGH
LenovoEMC Firmware < 4.1.402.34662 - OS Command Injection via Share Name Parameter
Sep 28, 2018
CVSS 8.1
EPSS 0.02
CVE-2018-9076 HIGH
LenovoEMC Firmware < 4.1.402.34662 - OS Command Injection via Share Name Parameter
Sep 28, 2018
CVSS 8.1
EPSS 0.02
Products
thinkcentre_m625q_firmware 28 ideacentre_5-14iob6_firmware 27 ideacentre_g5-14imb05_firmware 27 ideacentre_gaming_5-14iob6_firmware 27 thinkcentre_m75n_firmware 27 v50t-13imb_firmware 27 xclarity_administrator 27 ideacentre_3-07imb05_firmware 26 ideacentre_c5-14imb05_firmware 26 ideacentre_creator_5-14iob6_firmware 26 thinkcentre_m75s_gen_2_firmware 26 thinkcentre_m75t_gen_2_firmware 26 v30a-22iml_firmware 26 v50s-07imb_firmware 26 ideacentre_3-07ada05_firmware 25 ideacentre_g5-14amr05_firmware 25 legion_t7-34imz5_firmware 25 thinkcentre_m70c_firmware 25 thinkcentre_m70q_firmware 25 thinkcentre_m80q_firmware 25 thinkcentre_m80s_firmware 25 thinkcentre_m80t_firmware 25 thinkcentre_m90a_firmware 25 thinkcentre_m90q_tiny_firmware 25 thinkcentre_m90s_firmware 25 thinkedge_se30_firmware 25 v30a-24iml_firmware 25 v50a-22imb_firmware 25 v50a-24imb_firmware 25 v55t_gen_2_13acn_firmware 25
Quick Filters
Critical CVEs With Exploits In CISA KEV