Vulnerabilidades em Lenovo Group Ltd.

56 resultados
CVE-2017-3743If multiple users are concurrently logged into a single system where one user is sending a command via the Lenovo ToolsCenter Advanced SettiEPSS 0.7%CVE-2017-3753A vulnerability has been identified in some Lenovo products that use UEFI (BIOS) code developed by American Megatrends, Inc. (AMI). With thiEPSS 0.5%CVE-2016-8231In Lenovo Service Bridge before version 4, a bug found in the signature verification logic of the code signing certificate could be exploiteEPSS 0.5%CVE-2018-9062BIOS Modules Unprotected by Intel Boot Guard Vulnerable to Physical AttackEPSS 0.5%CVE-2017-3742In Lenovo Connect2 versions earlier than 4.2.5.4885 for Windows and 4.2.5.3071 for Android, when an ad-hoc connection is made between two syEPSS 0.5%CVE-2018-9065In Lenovo xClarity Administrator versions earlier than 2.1.0, an attacker that gains access to the underlying LXCA file system user may be aEPSS 0.5%CVE-2016-8229A cross-site request forgery vulnerability in Lenovo Service Bridge before version 4 could be exploited by an attacker with access to the DHEPSS 0.5%CVE-2017-3752An industry-wide vulnerability has been identified in the implementation of the Open Shortest Path First (OSPF) routing protocol used on somEPSS 0.4%CVE-2017-3767A local privilege escalation vulnerability was identified in the Realtek audio driver versions prior to 6.0.1.8224 in some Lenovo ThinkPad pEPSS 0.4%CVE-2016-8235Privilege escalation in Lenovo Customer Care Software Development Kit (CCSDK) versions earlier than 2.0.16.3 allows local users to execute cEPSS 0.4%CVE-2017-3762Sensitive data stored by Lenovo Fingerprint Manager Pro, version 8.01.86 and earlier, including users' Windows logon credentials and fingerpEPSS 0.4%CVE-2018-9063MapDrv (C:\Program Files\Lenovo\System Update\mapdrv.exe) In Lenovo System Update versions earlier than 5.07.0072 contains a local vulnerabiEPSS 0.4%CVE-2017-3745In Lenovo XClarity Administrator (LXCA) before 1.3.0, if service data is downloaded from LXCA, a non-administrative user may have access to EPSS 0.4%CVE-2018-16098In some Lenovo ThinkPads, an unquoted search path vulnerability was found in various versions of the Synaptics Pointing Device driver which EPSS 0.4%CVE-2017-3756A privilege escalation vulnerability was identified in Lenovo Active Protection System for ThinkPad systems versions earlier than 1.82.0.17.EPSS 0.4%CVE-2017-3746ThinkPad USB 3.0 Ethernet Adapter (part number 4X90E51405) driver, various versions, was found to contain a privilege escalation vulnerabiliEPSS 0.4%CVE-2017-3751An unquoted service path vulnerability was identified in the driver for the ThinkPad Compact USB Keyboard with TrackPoint versions earlier tEPSS 0.4%CVE-2017-3757An unquoted service path vulnerability was identified in the driver for the ElanTech Touchpad, various versions, used on some Lenovo brand nEPSS 0.4%CVE-2016-8228In Lenovo Service Bridge before version 4, a user with local privileges on a system could execute code with administrative privileges.EPSS 0.4%CVE-2016-8225Unquoted service path vulnerability in Lenovo Edge and Lenovo Slim USB Keyboard Driver versions earlier than 1.21 allows local users to execEPSS 0.4%