Vulnerabilidades em Lenovo
369 resultadosCVE-2020-8337—An unquoted search path vulnerability was reported in versions prior to 1.0.83.0 of the Synaptics Smart Audio UWP app associated with the DCEPSS 0.4%CVE-2025-8061HIGHA potential insufficient access control vulnerability was reported in the Lenovo Dispatcher 3.0 and Dispatcher 3.1 drivers used by some LenoEPSS 0.4%CVE-2019-6165HIGHA DLL search path vulnerability was reported in PaperDisplay Hotkey Service version 1.2.0.8 that could allow privilege escalation. Lenovo haEPSS 0.4%CVE-2023-29058MEDIUMA valid, authenticated XCC user with read-only permissions can modify custom user roles on other user accounts and the user trespass messageEPSS 0.4%CVE-2020-8327HIGHA privilege escalation vulnerability was reported in LenovoBatteryGaugePackage for Lenovo System Interface Foundation bundled in Lenovo VantEPSS 0.4%CVE-2019-6170MEDIUMA potential vulnerability in the SMI callback function used in the Legacy USB driver using boot services structure in runtime phase in some EPSS 0.4%CVE-2020-8341—In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additionaEPSS 0.3%CVE-2019-6171MEDIUMA vulnerability was reported in various BIOS versions of older ThinkPad systems that could allow a user with administrative privileges or phEPSS 0.3%CVE-2024-45103MEDIUMA valid, authenticated LXCA user may be able to unmanage an LXCA managed device in through the LXCA web interface without sufficient privileEPSS 0.3%CVE-2022-1109MEDIUMAn incorrect default permissions vulnerability in Lenovo Leyun cloud music application could allow denial of service.EPSS 0.3%CVE-2022-1890MEDIUMA buffer overflow in the ReadyBootDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitraEPSS 0.3%CVE-2022-1891MEDIUMA buffer overflow in the SystemLoadDefaultDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to executeEPSS 0.3%CVE-2022-1892MEDIUMA buffer overflow in the SystemBootManagerDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to executeEPSS 0.3%CVE-2023-4608MEDIUMAn authenticated XCC user with elevated privileges can perform blind SQL injection in limited cases through a crafted API command.
This afEPSS 0.3%CVE-2020-8324MEDIUMA vulnerability was reported in LenovoAppScenarioPluginSystem for Lenovo System Interface Foundation prior to version 1.2.184.31 that could EPSS 0.3%CVE-2024-4781MEDIUMA denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to cEPSS 0.3%CVE-2025-6248HIGHA cross-site scripting (XSS) vulnerability was reported in the Lenovo Browser that could allow an attacker to obtain sensitive information iEPSS 0.3%CVE-2020-8333MEDIUMA potential vulnerability in the SMI callback function used in the EEPROM driver in some Lenovo Desktops and ThinkStation models may allow aEPSS 0.3%CVE-2019-6172MEDIUMA potential vulnerability in the SMI callback function used in Legacy USB driver using passed parameter without sufficient checking in some EPSS 0.3%CVE-2024-23593MEDIUM
A vulnerability was reported
in a system recovery bootloader that was part of the Lenovo preloaded Windows 7 and 8 operating systems from EPSS 0.3%