Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / lenovo

lenovo

482 tracked vulnerabilities.

CVE-2023-4030 HIGH

ThinkPad P14s Gen 2-P15s Gen 2-T14 Gen 2-T15 Gen 2 - Info Disclosure

CVE-2023-4029 MEDIUM

Lenovo ThinkPad Firmware - Authenticated Buffer Overflow in BoardUpdateAcpiDxe Driver

CVE-2023-4028 MEDIUM

Lenovo Yoga and IdeaPad Flex Firmware - Authenticated Buffer Overflow in SystemUserMasterHddPwdDxe Driver

CVE-2023-3078 HIGH

Lenovo Universal Device Client < 23.4 - Uncontrolled Search Path Element

CVE-2023-34419 MEDIUM

Lenovo Legion 5 Pro 16IAH7H Firmware < j2cn51ww - Authenticated Buffer Overflow in SetupUtility Driver

CVE-2023-3113 HIGH

Lenovo XClarity Administrator CIM Server - XML External Entity File Read

CVE-2023-34422 MEDIUM

Lenovo XClarity Administrator < 4.0.0 - Authenticated Directory Deletion via Web API

CVE-2023-34421 MEDIUM

Lenovo XClarity Administrator < 4.0.0 - Authenticated Filesystem Data Replacement via Web API

CVE-2023-34420 HIGH

Lenovo XClarity Administrator < 4.0.0 - Authenticated OS Command Injection via Web API

CVE-2023-34418 HIGH

Lenovo XClarity Administrator < 4.0.0 - Authenticated SQL Injection via Web API

CVE-2023-2993 MEDIUM

Lenovo NextScale N1200 Enclosure Firmware < fhet60b-3.40 - Authenticated Privilege Escalation via Web Management API

CVE-2023-2992 HIGH

Lenovo NextScale N1200 Enclosure Firmware < fhet60b-3.40 - Unauthenticated Denial of Service

CVE-2023-2290 MEDIUM

Lenovo ThinkPad E14/E15/L13/L14 Firmware - Authenticated Out-of-bounds Write via LenovoFlashDeviceInterface SMI Handler

CVE-2023-25492 MEDIUM

Lenovo ThinkAgile Firmware - Authenticated Denial of Service via Format String Injection

CVE-2023-0683 HIGH

Lenovo ThinkAgile HX Series Firmware - Authenticated Privilege Escalation via Crafted API Call

CVE-2023-0896 HIGH

Lenovo Smart Clock Essential with Alexa Built In Firmware < 90 - Unauthenticated Default Password Bypass

CVE-2023-29056 MEDIUM

Lenovo ThinkAgile HX Series Firmware - Improper Privilege Management

CVE-2023-25496 HIGH

Lenovo Drivers Management < 3.1.1307.1308 - Privilege Escalation

CVE-2023-25495 MEDIUM

Lenovo ThinkAgile Firmware - Authenticated LDAP Password Exposure via Web Interface API

CVE-2023-29058 MEDIUM

Lenovo ThinkAgile HX Series Firmware - Authenticated Privilege Escalation via XCC CLI

CVE-2023-29057 HIGH

Lenovo ThinkAgile HX Series Firmware - Privilege Escalation via LDAP Local Account Permission Override

CVE-2022-4575 MEDIUM

Lenovo ThinkPad Firmware - Secure Boot Bypass via UEFI Variable Write Protection

CVE-2022-4574 MEDIUM

ThinkPad - Local Privilege Escalation

CVE-2022-4573 MEDIUM

ThinkPad X1 Fold Gen 1 - Code Injection

CVE-2022-48189 MEDIUM

Lenovo ThinkPad E/L Series Firmware - Authenticated Arbitrary Code Execution via SMM Driver Input Validation

Previous Page 7 of 20 Next

Products

thinkcentre_m625q_firmware 28 ideacentre_5-14iob6_firmware 27 ideacentre_g5-14imb05_firmware 27 ideacentre_gaming_5-14iob6_firmware 27 thinkcentre_m75n_firmware 27 v50t-13imb_firmware 27 xclarity_administrator 27 ideacentre_3-07imb05_firmware 26 ideacentre_c5-14imb05_firmware 26 ideacentre_creator_5-14iob6_firmware 26 thinkcentre_m75s_gen_2_firmware 26 thinkcentre_m75t_gen_2_firmware 26 v30a-22iml_firmware 26 v50s-07imb_firmware 26 ideacentre_3-07ada05_firmware 25 ideacentre_g5-14amr05_firmware 25 legion_t7-34imz5_firmware 25 thinkcentre_m70c_firmware 25 thinkcentre_m70q_firmware 25 thinkcentre_m80q_firmware 25 thinkcentre_m80s_firmware 25 thinkcentre_m80t_firmware 25 thinkcentre_m90a_firmware 25 thinkcentre_m90q_tiny_firmware 25 thinkcentre_m90s_firmware 25 thinkedge_se30_firmware 25 v30a-24iml_firmware 25 v50a-22imb_firmware 25 v50a-24imb_firmware 25 v55t_gen_2_13acn_firmware 25

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy