Vulnerabilities > Lenovo > High

DATE CVE VULNERABILITY TITLE RISK
2016-06-03 CVE-2016-3944 Improper Input Validation vulnerability in Lenovo Accelerator Application
UpdateAgent in Lenovo Accelerator Application allows man-in-the-middle attackers to execute arbitrary code by spoofing an update response from susapi.lenovomm.com.
network
high complexity
lenovo CWE-20
7.5
2016-05-23 CVE-2016-4782 Improper Input Validation vulnerability in Lenovo Shareit 3.5.98Ww
Lenovo SHAREit before 3.5.98_ww on Android before 4.2 allows remote attackers to have unspecified impact via a crafted intent: URL, aka an "intent scheme URL attack."
network
low complexity
lenovo CWE-20
8.8
2016-04-11 CVE-2016-2393 Permissions, Privileges, and Access Controls vulnerability in Lenovo Fingerprint Manager and Touch Fingerprint
Lenovo Fingerprint Manager before 8.01.57 and Touch Fingerprint before 1.00.08 use weak ACLs for unspecified (1) services and (2) files, which allows local users to gain privileges by invalidating local checks.
local
low complexity
lenovo CWE-264
7.8
2016-03-26 CVE-2016-1350 Resource Management Errors vulnerability in multiple products
Cisco IOS 15.3 and 15.4, Cisco IOS XE 3.8 through 3.11, and Cisco Unified Communications Manager allow remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCuj23293.
network
low complexity
cisco samsung sun zyxel lenovo zzinc CWE-399
7.5
2016-01-26 CVE-2016-1491 Credentials Management vulnerability in Lenovo Shareit 2.5.1.1
The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows, when configured to receive files, has a hardcoded password of 12345678, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area.
low complexity
lenovo CWE-255
8.8
2016-01-26 CVE-2016-1489 7PK - Security Features vulnerability in Lenovo Shareit 2.5.1.1/3.0.18Ww
Lenovo SHAREit before 3.2.0 for Windows and SHAREit before 3.5.48_ww for Android transfer files in cleartext, which allows remote attackers to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM) attacks via unspecified vectors.
high complexity
lenovo CWE-254
8.0