Vulnerabilities > Lenovo
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-19 | CVE-2023-5080 | Unspecified vulnerability in Lenovo products A privilege escalation vulnerability was reported in some Lenovo tablet products that could allow local applications access to device identifiers and system commands. | 7.8 |
| 2024-01-19 | CVE-2023-5081 | Unspecified vulnerability in Lenovo products An information disclosure vulnerability was reported in the Lenovo Tab M8 HD that could allow a local application to gather a non-resettable device identifier. | 3.3 |
| 2024-01-19 | CVE-2023-6043 | Improper Certificate Validation vulnerability in Lenovo Vantage A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local attacker to bypass integrity checks and execute arbitrary code with elevated privileges. | 7.8 |
| 2024-01-19 | CVE-2023-6044 | Authentication Bypass by Spoofing vulnerability in Lenovo Vantage A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local attacker with physical access to impersonate Lenovo Vantage Service and execute arbitrary code with elevated privileges. | 6.8 |
| 2024-01-19 | CVE-2023-6450 | Unspecified vulnerability in Lenovo APP Store An incorrect permissions vulnerability was reported in the Lenovo App Store app that could allow an attacker to use system resources, resulting in a denial of service. | 5.5 |
| 2024-01-03 | CVE-2023-6338 | Uncontrolled Search Path Element vulnerability in Lenovo Universal Device Client Uncontrolled search path vulnerabilities were reported in the Lenovo Universal Device Client (UDC) that could allow an attacker with local access to execute code with elevated privileges. | 7.8 |
| 2024-01-03 | CVE-2023-6540 | Unspecified vulnerability in Lenovo Browser HD and Browser Mobile A vulnerability was reported in the Lenovo Browser Mobile and Lenovo Browser HD Apps for Android that could allow an attacker to craft a payload that could result in the disclosure of sensitive information. | 7.5 |
| 2023-11-08 | CVE-2023-43571 | Classic Buffer Overflow vulnerability in Lenovo products A buffer overflow was reported in the BiosExtensionLoader module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. | 6.7 |
| 2023-11-08 | CVE-2023-43572 | Out-of-bounds Read vulnerability in Lenovo products A buffer over-read was reported in the BiosExtensionLoader module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive information. | 4.4 |
| 2023-11-08 | CVE-2023-43573 | Classic Buffer Overflow vulnerability in Lenovo products A buffer overflow was reported in the LEMALLDriversConnectedEventHook module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. | 6.7 |