lenovo

488 tracked vulnerabilities.

CVE-2017-3771 HIGH
Lenovo E95-ThinkCentre M710s/M710t - Info Disclosure
Oct 26, 2017
CVSS 7.5
EPSS 0.01
CVE-2017-3761 CRITICAL
Lenovo Service Framework - Command Injection
Oct 17, 2017
CVSS 9.8
EPSS 0.04
CVE-2017-3760 HIGH
Lenovo Service Framework - Remote Code Execution via Man-in-the-Middle Attack
Oct 17, 2017
CVSS 8.1
EPSS 0.01
CVE-2017-3759 HIGH
Lenovo Service Framework - Remote Code Execution via Improper Server Response Validation
Oct 17, 2017
CVSS 8.1
EPSS 0.02
CVE-2017-3758 CRITICAL
Lenovo Service Framework - Remote Code Execution via Improper Access Controls
Oct 17, 2017
CVSS 9.8
EPSS 0.03
CVE-2017-3770 HIGH
Lenovo XClarity Administrator < 1.3.2 - Authenticated Privilege Escalation via Web Interface
Sep 22, 2017
CVSS 8.8
EPSS 0.01
CVE-2017-3763 MEDIUM
Lenovo XClarity Administrator < 1.3.2 - Unauthenticated Credential Exposure via File System Access
Sep 22, 2017
CVSS 6.7
EPSS 0.00
CVE-2017-3746 HIGH
ThinkPad USB 3.0 Ethernet Adapter - Privilege Escalation
Aug 29, 2017
CVSS 7.8
EPSS 0.00
CVE-2017-3756 HIGH
Lenovo Active Protection System <1.82.0.17 - Privilege Escalation
Aug 18, 2017
CVSS 7.8
EPSS 0.00
CVE-2017-3753 MEDIUM
Lenovo UEFI Firmware - Authenticated Code Injection via AMI BIOS
Aug 10, 2017
CVSS 6.8
EPSS 0.01
CVE-2017-3751 HIGH
ThinkPad Compact USB Keyboard with TrackPoint <1.5.5.0 - Code Injec...
Aug 10, 2017
CVSS 7.8
EPSS 0.00
CVE-2017-3752 HIGH
IBM and Lenovo Fabric Firmware - OSPF Routing Table Manipulation via Improper Input Validation
Aug 09, 2017
CVSS 8.2
EPSS 0.00
CVE-2017-3754 MEDIUM
Lenovo Notebook Systems - Privilege Escalation
Jul 17, 2017
CVSS 6.7
EPSS 0.00
CVE-2017-3742 MEDIUM
Lenovo Connect2 <4.2.5.4885-4.2.5.3071 - Info Disclosure
Jul 17, 2017
CVSS 4.8
EPSS 0.00
CVE-2017-3747 MEDIUM
Lenovo Nerve Center - Privilege Escalation
Jun 29, 2017
CVSS 5.5
EPSS 0.00
CVE-2017-3745 HIGH
Lenovo XClarity Administrator <1.3.0 - Info Disclosure
Jun 20, 2017
CVSS 7.8
EPSS 0.00
CVE-2017-3744 MEDIUM
Lenovo IMM2 Firmware < 4.9 - Sensitive Information Disclosure in FFDC Service Log
Jun 20, 2017
CVSS 6.5
EPSS 0.01
CVE-2017-3743 HIGH
Lenovo ToolsCenter Advanced Settings Utility - Info Disclosure
Jun 20, 2017
CVSS 7.5
EPSS 0.01
CVE-2017-3741 LOW
Lenovo Power Management <1.67.12.24 - Info Disclosure
Jun 04, 2017
CVSS 3.3
EPSS 0.00
CVE-2017-3740 MEDIUM
Lenovo Active Protection System <1.82.0.14 - Privilege Escalation
Jun 04, 2017
CVSS 5.5
EPSS 0.00
CVE-2017-5638 CRITICAL KEVNUCLEI
Apache Struts 2.3.x < 2.3.32 and 2.5.x < 2.5.10.1 - Remote Code Execution via Jakarta Multipart Parser
Mar 11, 2017
CVSS 9.8
EPSS 1.00
CVE-2016-8231 HIGH
Lenovo Service Bridge <4 - Code Injection
Jun 04, 2017
CVSS 7.5
EPSS 0.01
CVE-2016-8230 HIGH
Lenovo Service Bridge <4 - Info Disclosure
Jun 04, 2017
CVSS 7.5
EPSS 0.01
CVE-2016-8229 HIGH
Lenovo Service Bridge < 4 - Cross-Site Request Forgery via DHCP Server
Jun 04, 2017
CVSS 8.8
EPSS 0.00
CVE-2016-8228 HIGH
Lenovo Service Bridge <4 - Privilege Escalation
Jun 04, 2017
CVSS 7.8
EPSS 0.00