Vulnerabilities > Lenovo
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-09 | CVE-2019-6173 | Untrusted Search Path vulnerability in Lenovo Installation Package A DLL search path vulnerability could allow privilege escalation in some Lenovo installation packages, prior to version 1.2.9.3, during installation if an attacker already has administrative privileges. | 6.5 |
| 2020-05-28 | CVE-2020-8330 | Unspecified vulnerability in Lenovo products A denial of service vulnerability was reported in the firmware prior to version 1.01 used in Lenovo Printer LJ4010DN that could be triggered by a remote user sending a crafted packet to the device, preventing subsequent print jobs until the printer is rebooted. | 7.5 |
| 2020-05-28 | CVE-2020-8329 | Unspecified vulnerability in Lenovo products A denial of service vulnerability was reported in the firmware prior to version 1.01 used in Lenovo Printer LJ4010DN that could be triggered by a remote user sending a crafted packet to the device, causing an error to be displayed and preventing printer from functioning until the printer is rebooted. | 7.5 |
| 2020-04-14 | CVE-2020-8327 | Improper Privilege Management vulnerability in Lenovo Vantage 10.2001.12.0/4.0.49.0 A privilege escalation vulnerability was reported in LenovoBatteryGaugePackage for Lenovo System Interface Foundation bundled in Lenovo Vantage prior to version 10.2003.10.0 that could allow an authenticated user to execute code with elevated privileges. | 7.8 |
| 2020-04-14 | CVE-2020-8324 | Improper Input Validation vulnerability in Lenovo System Interface Foundation A vulnerability was reported in LenovoAppScenarioPluginSystem for Lenovo System Interface Foundation prior to version 1.2.184.31 that could allow unsigned DLL files to be executed. | 5.5 |
| 2020-04-14 | CVE-2020-8319 | Unspecified vulnerability in Lenovo System Interface Foundation 1.0.66.0/1.1.18.3 A privilege escalation vulnerability was reported in Lenovo System Interface Foundation prior to version 1.1.19.3 that could allow an authenticated user to execute code with elevated privileges. | 7.8 |
| 2020-04-14 | CVE-2020-8318 | Unspecified vulnerability in Lenovo System Interface Foundation A privilege escalation vulnerability was reported in the LenovoSystemUpdatePlugin for Lenovo System Interface Foundation prior to version that could allow an authenticated user to execute code with elevated privileges. | 7.8 |
| 2020-04-14 | CVE-2020-8316 | Unspecified vulnerability in Lenovo Vantage 10.2001.12.0/4.0.49.0 A vulnerability was reported in Lenovo Vantage prior to version 10.2003.10.0 that could allow an authenticated user to read files on the system with elevated privileges. | 4.4 |
| 2020-03-27 | CVE-2015-8536 | Cross-Site Request Forgery (CSRF) vulnerability in Lenovo Solution Center 3.3.0001/3.3.002 MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. | 8.8 |
| 2020-03-27 | CVE-2015-8535 | Path Traversal vulnerability in Lenovo Solution Center 3.3.0001/3.3.002 MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. | 7.8 |