Vulnerabilidades em Lenovo
369 resultadosCVE-2019-6188—ThinkPad T460p and T470p BIOS Tamper MechanismEPSS 1.3%CVE-2021-3970MEDIUMA potential vulnerability in LenovoVariable SMI Handler due to insufficient validation in some Lenovo Notebook models BIOS may allow an attaEPSS 1.3%CVE-2021-3971MEDIUMA potential vulnerability by a driver used during older manufacturing processes on some consumer Lenovo Notebook devices that was mistakenlyEPSS 1.3%CVE-2021-3849CRITICALAn authentication bypass vulnerability was discovered in the web interface of the Lenovo Fan Power Controller2 (FPC2) and Lenovo System ManaEPSS 1.2%CVE-2021-3897CRITICALAn authentication bypass vulnerability was discovered in an internal service of the Lenovo Fan Power Controller2 (FPC2) and Lenovo System MaEPSS 1.2%CVE-2023-34420HIGHA valid, authenticated LXCA user with elevated privileges may be able to execute command injections through crafted calls to a specific web EPSS 1.1%CVE-2024-2659HIGH
A command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user with elevated privileges to exeEPSS 1.1%CVE-2023-4855HIGH
A command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user with elevated privileges to exeEPSS 1.1%CVE-2024-8279HIGHA privilege escalation vulnerability was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perfEPSS 1.1%CVE-2024-8278HIGHA privilege escalation vulnerability was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perfEPSS 1.1%CVE-2019-6177HIGHA vulnerability reported in Lenovo Solution Center version 03.12.003, which is no longer supported, could allow log files to be written to nEPSS 1.1%CVE-2018-9083—System Management Module VulnerabilitiesEPSS 1.1%CVE-2024-38510HIGHA privilege escalation vulnerability was discovered in the SSH captive command shell interface that could allow an authenticated XCC user wiEPSS 1.1%CVE-2020-8347MEDIUMA reflective cross-site scripting (XSS) vulnerability was reported in Lenovo Enterprise Network Disk prior to version 6.1 patch 6 hotfix 4 tEPSS 1.1%CVE-2019-6176—A potential vulnerability reported in ThinkPad USB-C Dock Firmware version 3.7.2 may allow a denial of service.EPSS 1.0%CVE-2019-6193HIGHAn information disclosure vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions prior to 2.6.6 that could allow unauthEPSS 1.0%CVE-2024-8280HIGHAn input validation weakness was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform commEPSS 1.0%CVE-2024-8281HIGHAn input validation weakness was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform commEPSS 1.0%CVE-2024-38508HIGHA privilege escalation vulnerability was discovered in the web interface or SSH captive command shell interface of XCC that could allow an aEPSS 1.0%CVE-2024-38512HIGHA privilege escalation vulnerability was discovered in XCC that could allow an authenticated XCC user with elevated privileges to perform coEPSS 1.0%