lenovo

488 tracked vulnerabilities.

CVE-2024-8280 HIGH
Lenovo XCC - Authenticated OS Command Injection via Crafted File
Sep 13, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-8279 HIGH
Lenovo ThinkAgile XCC - Authenticated OS Command Injection via File Upload
Sep 13, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-8278 HIGH
Lenovo ThinkAgile XCC - Authenticated OS Command Injection via IPMI Commands
Sep 13, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-8059 MEDIUM
Lenovo ThinkAgile and ThinkSystem XCC - Cleartext Transmission of Sensitive Information in Audit Logs
Sep 13, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-7756 MEDIUM
ThinkPad L390 Yoga & 10w Notebook - Privilege Escalation
Sep 13, 2024
CVSS 6.8
EPSS 0.00
CVE-2024-4550 MEDIUM
Lenovo ThinkSystem/ThinkStation - Buffer Overflow
Sep 13, 2024
CVSS 6.7
EPSS 0.00
CVE-2024-45105 MEDIUM
Lenovo ThinkSystem and ThinkAgile BIOS - Authenticated Arbitrary Code Execution via UEFI SMM Callout
Sep 13, 2024
CVSS 6.7
EPSS 0.00
CVE-2024-45104 MEDIUM
Lenovo XClarity Administrator < 4.1.0 - Authenticated Privilege Escalation via Web API Call
Sep 13, 2024
CVSS 6.3
EPSS 0.00
CVE-2024-45103 MEDIUM
Lenovo XClarity Administrator < 4.1.0 - Authenticated Privilege Escalation via Device Unmanage Action
Sep 13, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-45101 MEDIUM
Lenovo XClarity Administrator < 4.1 - Session Hijacking via SSO URL Manipulation
Sep 13, 2024
CVSS 6.8
EPSS 0.00
CVE-2024-3100 MEDIUM
Lenovo BIOS Authenticated Stack-based Buffer Overflow
Sep 13, 2024
CVSS 6.7
EPSS 0.00
CVE-2024-8105 MEDIUM
Acer vz2694g, Aspire S 27, Aspire S32-1856, Aspire XC-1710 - Insecure Platform Key Usage
Aug 26, 2024
CVSS 6.4
EPSS 0.00
CVE-2024-6004 MEDIUM
Lenovo Printers - Unauthenticated Denial of Service
Aug 16, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-5210 MEDIUM
Lenovo Printers - Unauthenticated Denial of Service
Aug 16, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-5209 MEDIUM
Lenovo Printers - Unauthenticated Denial of Service
Aug 16, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-4782 MEDIUM
Lenovo Printers - Unauthenticated Denial of Service
Aug 16, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-4781 MEDIUM
Lenovo Printers - Unauthenticated Denial of Service
Aug 16, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-4763 HIGH
Lenovo LDCC/LADM - Privilege Escalation
Aug 16, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-2175 HIGH
Lenovo LDCC/LADM - Privilege Escalation
Aug 16, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-4786 LOW
Lenovo Tab K10 - Improper Certificate Validation
Jul 26, 2024
CVSS 2.8
EPSS 0.00
CVE-2024-38512 HIGH
Lenovo XClarity Controller - Authenticated OS Command Injection via IPMI Commands
Jul 26, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-38511 HIGH
Lenovo XClarity Controller - Authenticated OS Command Injection via File Upload
Jul 26, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-38510 HIGH
Lenovo XClarity Controller - Authenticated OS Command Injection via SSH Captive Shell File Upload
Jul 26, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-38509 HIGH
Lenovo XClarity Controller - Authenticated Privilege Escalation via IPMI Command
Jul 26, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-38508 HIGH
Lenovo XClarity Controller - Authenticated OS Command Injection via Web Interface or SSH Captive Shell
Jul 26, 2024
CVSS 7.2
EPSS 0.01