lenovo

488 tracked vulnerabilities.

CVE-2023-29058 MEDIUM
Lenovo ThinkAgile HX Series Firmware - Authenticated Privilege Escalation via XCC CLI
Apr 28, 2023
CVSS 6.4
EPSS 0.00
CVE-2023-29057 HIGH
Lenovo ThinkAgile HX Series Firmware - Privilege Escalation via LDAP Local Account Permission Override
Apr 28, 2023
CVSS 7.3
EPSS 0.01
CVE-2022-4575 MEDIUM
Lenovo ThinkPad Firmware - Secure Boot Bypass via UEFI Variable Write Protection
Oct 30, 2023
CVSS 6.7
EPSS 0.00
CVE-2022-4574 MEDIUM
ThinkPad - Local Privilege Escalation
Oct 30, 2023
CVSS 6.7
EPSS 0.00
CVE-2022-4573 MEDIUM
ThinkPad X1 Fold Gen 1 - Code Injection
Oct 30, 2023
CVSS 6.7
EPSS 0.00
CVE-2022-48189 MEDIUM
Lenovo ThinkPad E/L Series Firmware - Authenticated Arbitrary Code Execution via SMM Driver Input Validation
Oct 30, 2023
CVSS 6.7
EPSS 0.00
CVE-2022-3702 MEDIUM
Lenovo HardwareScan Plugin < 1.3.1.2 - Denial of Service via Arbitrary Directory Deletion
Oct 27, 2023
CVSS 6.1
EPSS 0.00
CVE-2022-3701 HIGH
Lenovo System Update Plugin < 2.0.0.213 - Privilege Escalation via TOCTOU Race Condition
Oct 27, 2023
CVSS 7.8
EPSS 0.00
CVE-2022-3700 MEDIUM
Lenovo System Update Plugin < 2.0.0.213 - Time-of-check Time-of-use Race Condition
Oct 27, 2023
CVSS 6.1
EPSS 0.00
CVE-2022-3611 HIGH
Lenovo App Store < 11.8.0 - Unauthorized Sensitive Data Exposure
Oct 27, 2023
CVSS 7.6
EPSS 0.00
CVE-2022-3429 MEDIUM
Lenovo GM265DN GM266DNS G263DNS Firmware - Denial of Service via Malformed String Input
Oct 27, 2023
CVSS 6.5
EPSS 0.00
CVE-2022-34887 MEDIUM
Lenovo GM265DN, GM266DNS, and G263DNS Firmware - Unauthenticated Printer Configuration Modification
Oct 27, 2023
CVSS 4.3
EPSS 0.00
CVE-2022-34886 HIGH
Lenovo GM265DN, GM266DNS, and G263DNS Firmware - Remote Code Execution via Stack Overflow
Oct 27, 2023
CVSS 8.8
EPSS 0.01
CVE-2022-3699 HIGH
Lenovo Diagnostics < 4.45.0 and HardwareScan Plugin < 1.3.1.2 - Privilege Escalation via Out-of-bounds Write
Oct 25, 2023
CVSS 7.8
EPSS 0.04
CVE-2022-3698 MEDIUM
Lenovo Diagnostics < 4.45.0 and HardwareScan Plugin < 1.3.1.2 - Denial of Service
Oct 25, 2023
CVSS 4.4
EPSS 0.00
CVE-2022-0353 MEDIUM
Lenovo HardwareScanPlugin <1.3.1.2 - Lenovo Diagnostics <4.45 - DoS
Oct 25, 2023
CVSS 4.4
EPSS 0.00
CVE-2022-48183 MEDIUM
ThinkPad T14s Gen 3 & X13 Gen3 - Privilege Escalation
Oct 09, 2023
CVSS 6.1
EPSS 0.00
CVE-2022-48182 MEDIUM
ThinkPad T14s Gen 3 & X13 Gen3 - Privilege Escalation
Oct 09, 2023
CVSS 6.1
EPSS 0.00
CVE-2022-3728 MEDIUM
ThinkPad T14s Gen 3 & X13 Gen3 - Privilege Escalation
Oct 09, 2023
CVSS 6.1
EPSS 0.00
CVE-2022-3431 MEDIUM
Lenovo IdeaPad Creator 5-16ACH6 Firmware - Incorrect Default Permissions
Oct 09, 2023
CVSS 6.7
EPSS 0.00
CVE-2022-3746 MEDIUM
Lenovo IdeaPad Firmware - Improper Access Control in Embedded Controller Interface
Aug 23, 2023
CVSS 6.7
EPSS 0.00
CVE-2022-3745 MEDIUM
Lenovo IdeaPad and IdeaPad 3 Firmware - Exposure of Sensitive Information via SMI Data
Aug 23, 2023
CVSS 4.4
EPSS 0.00
CVE-2022-3744 MEDIUM
Lenovo IdeaPad LCFC BIOS - Unauthenticated UEFI Variable Unlock via Hard-coded SMI Handler Credential
Aug 23, 2023
CVSS 6.7
EPSS 0.00
CVE-2022-3743 MEDIUM
Lenovo IdeaPad and IdeaPad 3 Firmware - Exposure of Sensitive Information via Embedded Controller Command Enumeration
Aug 23, 2023
CVSS 4.4
EPSS 0.00
CVE-2022-3742 MEDIUM
Lenovo IdeaPad Firmware - Authenticated Buffer Overflow via Improper Buffer Validation
Aug 23, 2023
CVSS 6.7
EPSS 0.00