Vulnerabilities > Lenovo
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-09-22 | CVE-2017-3770 | Unspecified vulnerability in Lenovo Xclarity Administrator Privilege escalation vulnerability in LXCA versions earlier than 1.3.2 where an authenticated user may be able to abuse certain web interface functionality to execute privileged commands within the underlying LXCA operating system. | 8.8 |
2017-09-22 | CVE-2017-3763 | Unspecified vulnerability in Lenovo Xclarity Administrator An attacker who obtains access to the location where the LXCA file system is stored may be able to access credentials of local LXCA accounts in LXCA versions earlier than 1.3.2. | 6.7 |
2017-08-29 | CVE-2017-3746 | Unspecified vulnerability in Lenovo Thinkpad USB 3.0 Ethernet Adapter Driver ThinkPad USB 3.0 Ethernet Adapter (part number 4X90E51405) driver, various versions, was found to contain a privilege escalation vulnerability that could allow a local user to execute arbitrary code with administrative or system level privileges. | 7.8 |
2017-08-18 | CVE-2017-3756 | Unspecified vulnerability in Lenovo products A privilege escalation vulnerability was identified in Lenovo Active Protection System for ThinkPad systems versions earlier than 1.82.0.17. | 7.8 |
2017-08-10 | CVE-2017-3753 | Code Injection vulnerability in Lenovo products A vulnerability has been identified in some Lenovo products that use UEFI (BIOS) code developed by American Megatrends, Inc. | 6.8 |
2017-08-10 | CVE-2017-3751 | Unquoted Search Path or Element vulnerability in Lenovo Thinkpad Compact USB Keyboard Driver An unquoted service path vulnerability was identified in the driver for the ThinkPad Compact USB Keyboard with TrackPoint versions earlier than 1.5.5.0. | 7.8 |
2017-08-09 | CVE-2017-3752 | Improper Input Validation vulnerability in multiple products An industry-wide vulnerability has been identified in the implementation of the Open Shortest Path First (OSPF) routing protocol used on some Lenovo switches. | 8.2 |
2017-07-17 | CVE-2017-3754 | Unspecified vulnerability in Lenovo Bios Some Lenovo brand notebook systems do not have write protections properly configured in the system BIOS. | 6.7 |
2017-07-17 | CVE-2017-3742 | Information Exposure vulnerability in Lenovo Connect2 4.2.5 In Lenovo Connect2 versions earlier than 4.2.5.4885 for Windows and 4.2.5.3071 for Android, when an ad-hoc connection is made between two systems for the purpose of sharing files, the password for this ad-hoc connection will be stored in a user-readable location. | 4.8 |
2017-06-29 | CVE-2017-3747 | Unspecified vulnerability in Lenovo Nerve Center Privilege escalation vulnerability in Lenovo Nerve Center for Windows 10 on Desktop systems (Lenovo Nerve Center for notebook systems is not affected) that could allow an attacker with local privileges on a system to alter registry keys. | 5.5 |