lenovo
488 tracked vulnerabilities.
CVE-2024-8280
HIGH
Lenovo XCC - Authenticated OS Command Injection via Crafted File
Sep 13, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-8279
HIGH
Lenovo ThinkAgile XCC - Authenticated OS Command Injection via File Upload
Sep 13, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-8278
HIGH
Lenovo ThinkAgile XCC - Authenticated OS Command Injection via IPMI Commands
Sep 13, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-8059
MEDIUM
Lenovo ThinkAgile and ThinkSystem XCC - Cleartext Transmission of Sensitive Information in Audit Logs
Sep 13, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-7756
MEDIUM
ThinkPad L390 Yoga & 10w Notebook - Privilege Escalation
Sep 13, 2024
CVSS 6.8
EPSS 0.00
CVE-2024-4550
MEDIUM
Lenovo ThinkSystem/ThinkStation - Buffer Overflow
Sep 13, 2024
CVSS 6.7
EPSS 0.00
CVE-2024-45105
MEDIUM
Lenovo ThinkSystem and ThinkAgile BIOS - Authenticated Arbitrary Code Execution via UEFI SMM Callout
Sep 13, 2024
CVSS 6.7
EPSS 0.00
CVE-2024-45104
MEDIUM
Lenovo XClarity Administrator < 4.1.0 - Authenticated Privilege Escalation via Web API Call
Sep 13, 2024
CVSS 6.3
EPSS 0.00
CVE-2024-45103
MEDIUM
Lenovo XClarity Administrator < 4.1.0 - Authenticated Privilege Escalation via Device Unmanage Action
Sep 13, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-45101
MEDIUM
Lenovo XClarity Administrator < 4.1 - Session Hijacking via SSO URL Manipulation
Sep 13, 2024
CVSS 6.8
EPSS 0.00
CVE-2024-3100
MEDIUM
Lenovo BIOS Authenticated Stack-based Buffer Overflow
Sep 13, 2024
CVSS 6.7
EPSS 0.00
CVE-2024-8105
MEDIUM
Acer vz2694g, Aspire S 27, Aspire S32-1856, Aspire XC-1710 - Insecure Platform Key Usage
Aug 26, 2024
CVSS 6.4
EPSS 0.00
CVE-2024-6004
MEDIUM
Lenovo Printers - Unauthenticated Denial of Service
Aug 16, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-5210
MEDIUM
Lenovo Printers - Unauthenticated Denial of Service
Aug 16, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-5209
MEDIUM
Lenovo Printers - Unauthenticated Denial of Service
Aug 16, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-4782
MEDIUM
Lenovo Printers - Unauthenticated Denial of Service
Aug 16, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-4781
MEDIUM
Lenovo Printers - Unauthenticated Denial of Service
Aug 16, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-4763
HIGH
Lenovo LDCC/LADM - Privilege Escalation
Aug 16, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-2175
HIGH
Lenovo LDCC/LADM - Privilege Escalation
Aug 16, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-4786
LOW
Lenovo Tab K10 - Improper Certificate Validation
Jul 26, 2024
CVSS 2.8
EPSS 0.00
CVE-2024-38512
HIGH
Lenovo XClarity Controller - Authenticated OS Command Injection via IPMI Commands
Jul 26, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-38511
HIGH
Lenovo XClarity Controller - Authenticated OS Command Injection via File Upload
Jul 26, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-38510
HIGH
Lenovo XClarity Controller - Authenticated OS Command Injection via SSH Captive Shell File Upload
Jul 26, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-38509
HIGH
Lenovo XClarity Controller - Authenticated Privilege Escalation via IPMI Command
Jul 26, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-38508
HIGH
Lenovo XClarity Controller - Authenticated OS Command Injection via Web Interface or SSH Captive Shell
Jul 26, 2024
CVSS 7.2
EPSS 0.01
Products
thinkcentre_m625q_firmware 28
ideacentre_5-14iob6_firmware 27
ideacentre_g5-14imb05_firmware 27
ideacentre_gaming_5-14iob6_firmware 27
thinkcentre_m75n_firmware 27
v50t-13imb_firmware 27
xclarity_administrator 27
ideacentre_3-07imb05_firmware 26
ideacentre_c5-14imb05_firmware 26
ideacentre_creator_5-14iob6_firmware 26
thinkcentre_m75s_gen_2_firmware 26
thinkcentre_m75t_gen_2_firmware 26
v30a-22iml_firmware 26
v50s-07imb_firmware 26
ideacentre_3-07ada05_firmware 25
ideacentre_g5-14amr05_firmware 25
legion_t7-34imz5_firmware 25
thinkcentre_m70c_firmware 25
thinkcentre_m70q_firmware 25
thinkcentre_m80q_firmware 25
thinkcentre_m80s_firmware 25
thinkcentre_m80t_firmware 25
thinkcentre_m90a_firmware 25
thinkcentre_m90q_tiny_firmware 25
thinkcentre_m90s_firmware 25
thinkedge_se30_firmware 25
v30a-24iml_firmware 25
v50a-22imb_firmware 25
v50a-24imb_firmware 25
v55t_gen_2_13acn_firmware 25
Quick Filters