Vulnerabilities > Lenovo

DATE CVE VULNERABILITY TITLE RISK
2023-01-26 CVE-2022-1891 Classic Buffer Overflow vulnerability in Lenovo products
A buffer overflow in the SystemLoadDefaultDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code.
local
low complexity
lenovo CWE-120
7.8
2023-01-26 CVE-2022-1892 Classic Buffer Overflow vulnerability in Lenovo products
A buffer overflow in the SystemBootManagerDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code.
local
low complexity
lenovo CWE-120
7.8
2023-01-26 CVE-2022-3432 Incorrect Default Permissions vulnerability in Lenovo Ideapad Y700-14Isk Firmware
A potential vulnerability in a driver used during manufacturing process on the Ideapad Y700-14ISK that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable.
local
low complexity
lenovo CWE-276
6.7
2023-01-23 CVE-2022-3430 Incorrect Default Permissions vulnerability in Lenovo products
A potential vulnerability in the WMI Setup driver on some consumer Lenovo Notebook devices may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable.
local
low complexity
lenovo CWE-276
6.7
2023-01-23 CVE-2022-4816 Unspecified vulnerability in Lenovo Safecenter
A denial-of-service vulnerability has been identified in Lenovo Safecenter that could allow a local user to crash the application.
local
low complexity
lenovo
5.5
2023-01-20 CVE-2022-1109 Incorrect Default Permissions vulnerability in Lenovo Leyun
An incorrect default permissions vulnerability in Lenovo Leyun cloud music application could allow denial of service.
network
low complexity
lenovo CWE-276
7.5
2023-01-05 CVE-2022-4432 Out-of-bounds Read vulnerability in Lenovo Thinkpad X13S Firmware 1.46
A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS PersistenceConfigDxe driver that could allow a local attacker with elevated privileges to cause information disclosure.
local
low complexity
lenovo CWE-125
4.4
2023-01-05 CVE-2022-4433 Out-of-bounds Read vulnerability in Lenovo Thinkpad X13S Firmware 1.46
A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoSetupConfigDxe driver that could allow a local attacker with elevated privileges to cause information disclosure.
local
low complexity
lenovo CWE-125
4.4
2023-01-05 CVE-2022-4434 Out-of-bounds Read vulnerability in Lenovo Thinkpad X13S Firmware 1.46
A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS driver that could allow a local attacker with elevated privileges to cause information disclosure.
local
low complexity
lenovo CWE-125
4.4
2023-01-05 CVE-2022-4435 Out-of-bounds Read vulnerability in Lenovo Thinkpad X13S Firmware 1.46
A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoRemoteConfigUpdateDxe driver that could allow a local attacker with elevated privileges to cause information disclosure.
local
low complexity
lenovo CWE-125
4.4