Vulnerabilities > Lenovo

DATE CVE VULNERABILITY TITLE RISK
2021-08-17 CVE-2021-3615 Code Injection vulnerability in Lenovo products
A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow code execution if a specific file exists on the attached SD card.
local
low complexity
lenovo CWE-94
4.6
2021-08-17 CVE-2021-3616 Unspecified vulnerability in Lenovo products
A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow an unauthorized user to view device information, alter firmware content and device configuration.
network
low complexity
lenovo
7.5
2021-08-17 CVE-2021-3617 Command Injection vulnerability in Lenovo products
A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow command injection by setting a specially crafted network configuration.
network
low complexity
lenovo CWE-77
6.5
2021-08-17 CVE-2021-3633 Untrusted Search Path vulnerability in Lenovo Drivers Management 2.7.1128.1046
A DLL preloading vulnerability was reported in Lenovo Driver Management prior to version 2.9.0719.1104 that could allow privilege escalation.
local
lenovo CWE-426
6.9
2021-07-16 CVE-2021-3452 Unspecified vulnerability in Lenovo Bios
A potential vulnerability in the system shutdown SMI callback function in some ThinkPad models may allow an attacker with local access and elevated privileges to execute arbitrary code.
local
low complexity
lenovo
4.6
2021-07-16 CVE-2021-3453 Unspecified vulnerability in Lenovo products
Some Lenovo Notebook, ThinkPad, and Lenovo Desktop systems have BIOS modules unprotected by Intel Boot Guard that could allow an attacker with physical access the ability to write to the SPI flash storage.
local
low complexity
lenovo
2.1
2021-07-16 CVE-2021-3550 Uncontrolled Search Path Element vulnerability in Lenovo Pcmanager 3.0.200.2042/3.0.400.3252/3.0.50.9162
A DLL search path vulnerability was reported in Lenovo PCManager, prior to version 3.0.500.5102, that could allow privilege escalation.
local
low complexity
lenovo CWE-427
4.6
2021-07-16 CVE-2021-3614 Unspecified vulnerability in Lenovo products
A vulnerability was reported on some Lenovo Notebook systems that could allow an attacker with physical access to elevate privileges under certain conditions during a BIOS update performed by Lenovo Vantage.
local
lenovo
4.4
2021-04-27 CVE-2021-3464 Uncontrolled Search Path Element vulnerability in Lenovo Pcmanager 3.0.200.2042/3.0.50.9162
A DLL search path vulnerability was reported in Lenovo PCManager, prior to version 3.0.400.3252, that could allow privilege escalation.
local
low complexity
lenovo CWE-427
7.2
2021-04-27 CVE-2021-3451 Incorrect Default Permissions vulnerability in Lenovo Pcmanager 3.0.200.2042/3.0.50.9162
A denial of service vulnerability was reported in Lenovo PCManager, prior to version 3.0.400.3252, that could allow configuration files to be written to non-standard locations.
local
low complexity
lenovo CWE-276
2.1