Vulnerabilities > Lenovo
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-26 | CVE-2022-1890 | Out-of-bounds Write vulnerability in Lenovo products A buffer overflow in the ReadyBootDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code. | 7.8 |
| 2023-01-26 | CVE-2022-1891 | Classic Buffer Overflow vulnerability in Lenovo products A buffer overflow in the SystemLoadDefaultDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code. | 7.8 |
| 2023-01-26 | CVE-2022-1892 | Classic Buffer Overflow vulnerability in Lenovo products A buffer overflow in the SystemBootManagerDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code. | 7.8 |
| 2023-01-26 | CVE-2022-3432 | Incorrect Default Permissions vulnerability in Lenovo Ideapad Y700-14Isk Firmware A potential vulnerability in a driver used during manufacturing process on the Ideapad Y700-14ISK that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable. | 6.7 |
| 2023-01-23 | CVE-2022-3430 | Incorrect Default Permissions vulnerability in Lenovo products A potential vulnerability in the WMI Setup driver on some consumer Lenovo Notebook devices may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable. | 6.7 |
| 2023-01-23 | CVE-2022-4816 | Unspecified vulnerability in Lenovo Safecenter A denial-of-service vulnerability has been identified in Lenovo Safecenter that could allow a local user to crash the application. | 5.5 |
| 2023-01-20 | CVE-2022-1109 | Incorrect Default Permissions vulnerability in Lenovo Leyun An incorrect default permissions vulnerability in Lenovo Leyun cloud music application could allow denial of service. | 7.5 |
| 2023-01-05 | CVE-2022-4432 | Out-of-bounds Read vulnerability in Lenovo Thinkpas X13S Firmware A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS PersistenceConfigDxe driver that could allow a local attacker with elevated privileges to cause information disclosure. | 4.4 |
| 2023-01-05 | CVE-2022-4433 | Out-of-bounds Read vulnerability in Lenovo Thinkpas X13S Firmware A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoSetupConfigDxe driver that could allow a local attacker with elevated privileges to cause information disclosure. | 4.4 |
| 2023-01-05 | CVE-2022-4434 | Out-of-bounds Read vulnerability in Lenovo Thinkpad X13S Firmware 1.46 A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS driver that could allow a local attacker with elevated privileges to cause information disclosure. | 4.4 |