lenovo

482 tracked vulnerabilities.

CVE-2018-9075 HIGH
LenovoEMC Firmware < 4.1.402.34662 - OS Command Injection via PersonalCloud Client Password Parameter
Sep 28, 2018
CVSS 8.1
EPSS 0.26
CVE-2018-9074 MEDIUM
LenovoEMC Firmware < 4.1.402.34662 - Path Traversal and Arbitrary File Write via Content Explorer Upload
Sep 28, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-12169 HIGH
Intel Core Processor - Info Disclosure
Sep 21, 2018
CVSS 7.6
EPSS 0.00
CVE-2018-9066 HIGH
Lenovo xClarity Administrator < 2.1.0 - Authenticated Command Injection via Web API Parameter
Jul 30, 2018
CVSS 8.8
EPSS 0.01
CVE-2018-9065 HIGH
Lenovo xClarity Administrator < 2.1.0 - Cleartext Storage of Sensitive Credentials
Jul 30, 2018
CVSS 7.5
EPSS 0.00
CVE-2018-9064 HIGH
Lenovo xClarity Administrator <2.1.0 - Privilege Escalation
Jul 30, 2018
CVSS 8.8
EPSS 0.00
CVE-2018-9068 HIGH
Lenovo Flex System and System x Firmware < 4.90 - Hard-coded Credentials in IMM2 FFDC SFTP Server
Jul 26, 2018
CVSS 7.5
EPSS 0.00
CVE-2018-9062 MEDIUM
Lenovo ThinkPad and V Series Firmware - Arbitrary Code Execution via Improper BIOS Region Check
Jul 19, 2018
CVSS 6.8
EPSS 0.00
CVE-2018-9070 MEDIUM
Lenovo Smart Assistant <12.1.82 - Privilege Escalation
Jul 13, 2018
CVSS 6.4
EPSS 0.00
CVE-2018-9067 HIGH
Lenovo Help <6.1.2.0327 - Info Disclosure
Jul 13, 2018
CVSS 7.5
EPSS 0.00
CVE-2018-9063 HIGH
Lenovo System Update < 5.07.0072 - Local Buffer Overflow via MapDrv User ID or Password
May 04, 2018
CVSS 7.8
EPSS 0.00
CVE-2017-3772 MEDIUM
Lenovo PC Manager <2.6.40.3154 - DoS
Jul 31, 2024
CVSS 5.5
EPSS 0.00
CVE-2017-3775 MEDIUM
Lenovo System x server < - Privilege Escalation
May 04, 2018
CVSS 6.4
EPSS 0.00
CVE-2017-17833 CRITICAL
OpenSLP 1.0.2 and 1.1.0 - Remote Code Execution or Denial of Service via Heap Memory Corruption
Apr 23, 2018
CVSS 9.8
EPSS 0.01
CVE-2017-3776 HIGH
Lenovo Help <6.1.2.0327 - Info Disclosure
Apr 19, 2018
CVSS 7.5
EPSS 0.00
CVE-2017-3774 CRITICAL
Lenovo Integrated Management Module 2 < 4.70 - Stack Overflow via Authentication Routine
Apr 19, 2018
CVSS 9.8
EPSS 0.01
CVE-2017-3762 HIGH
Lenovo Fingerprint Manager Pro <8.01.86 - Info Disclosure
Jan 26, 2018
CVSS 7.8
EPSS 0.00
CVE-2017-3765 HIGH
Lenovo/IBM RackSwitch/BladeCenter - Auth Bypass
Jan 10, 2018
CVSS 7.0
EPSS 0.00
CVE-2017-3764 MEDIUM
Lenovo XClarity Administrator <1.4.0 - Info Disclosure
Nov 30, 2017
CVSS 5.3
EPSS 0.01
CVE-2017-3771 HIGH
Lenovo E95-ThinkCentre M710s/M710t - Info Disclosure
Oct 26, 2017
CVSS 7.5
EPSS 0.00
CVE-2017-3761 CRITICAL
Lenovo Service Framework - Command Injection
Oct 17, 2017
CVSS 9.8
EPSS 0.05
CVE-2017-3760 HIGH
Lenovo Service Framework - Remote Code Execution via Man-in-the-Middle Attack
Oct 17, 2017
CVSS 8.1
EPSS 0.01
CVE-2017-3759 HIGH
Lenovo Service Framework - Remote Code Execution via Improper Server Response Validation
Oct 17, 2017
CVSS 8.1
EPSS 0.01
CVE-2017-3758 CRITICAL
Lenovo Service Framework - Remote Code Execution via Improper Access Controls
Oct 17, 2017
CVSS 9.8
EPSS 0.02
CVE-2017-3770 HIGH
Lenovo XClarity Administrator < 1.3.2 - Authenticated Privilege Escalation via Web Interface
Sep 22, 2017
CVSS 8.8
EPSS 0.00
Products
thinkcentre_m625q_firmware 28 ideacentre_5-14iob6_firmware 27 ideacentre_g5-14imb05_firmware 27 ideacentre_gaming_5-14iob6_firmware 27 thinkcentre_m75n_firmware 27 v50t-13imb_firmware 27 xclarity_administrator 27 ideacentre_3-07imb05_firmware 26 ideacentre_c5-14imb05_firmware 26 ideacentre_creator_5-14iob6_firmware 26 thinkcentre_m75s_gen_2_firmware 26 thinkcentre_m75t_gen_2_firmware 26 v30a-22iml_firmware 26 v50s-07imb_firmware 26 ideacentre_3-07ada05_firmware 25 ideacentre_g5-14amr05_firmware 25 legion_t7-34imz5_firmware 25 thinkcentre_m70c_firmware 25 thinkcentre_m70q_firmware 25 thinkcentre_m80q_firmware 25 thinkcentre_m80s_firmware 25 thinkcentre_m80t_firmware 25 thinkcentre_m90a_firmware 25 thinkcentre_m90q_tiny_firmware 25 thinkcentre_m90s_firmware 25 thinkedge_se30_firmware 25 v30a-24iml_firmware 25 v50a-22imb_firmware 25 v50a-24imb_firmware 25 v55t_gen_2_13acn_firmware 25
Quick Filters
Critical CVEs With Exploits In CISA KEV