Vulnerabilities > Lenovo > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-17 | CVE-2021-3617 | Command Injection vulnerability in Lenovo products A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow command injection by setting a specially crafted network configuration. | 7.2 |
| 2021-08-17 | CVE-2021-3633 | Uncontrolled Search Path Element vulnerability in Lenovo Drivers Management 2.7.1128.1046 A DLL preloading vulnerability was reported in Lenovo Driver Management prior to version 2.9.0719.1104 that could allow privilege escalation. | 7.8 |
| 2021-07-16 | CVE-2021-3550 | Uncontrolled Search Path Element vulnerability in Lenovo Pcmanager A DLL search path vulnerability was reported in Lenovo PCManager, prior to version 3.0.500.5102, that could allow privilege escalation. | 7.8 |
| 2021-04-27 | CVE-2021-3464 | Uncontrolled Search Path Element vulnerability in Lenovo Pcmanager A DLL search path vulnerability was reported in Lenovo PCManager, prior to version 3.0.400.3252, that could allow privilege escalation. | 7.8 |
| 2021-04-13 | CVE-2021-3462 | Unspecified vulnerability in Lenovo Power Management Driver A privilege escalation vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could allow unauthorized access to the driver's device object. | 7.8 |
| 2020-11-30 | CVE-2020-8351 | Improper Privilege Management vulnerability in Lenovo Pcmanager 2.6.40.3154/2.8.90.11211 A privilege escalation vulnerability was reported in Lenovo PCManager prior to version 3.0.50.9162 that could allow an authenticated user to execute code with elevated privileges. | 7.8 |
| 2020-10-14 | CVE-2020-8350 | Improper Authentication vulnerability in Lenovo Thinkpad Stack Wireless Router Firmware 1.1.3.4 An authentication bypass vulnerability was reported in Lenovo ThinkPad Stack Wireless Router firmware version 1.1.3.4 that could allow escalation of privilege. | 8.8 |
| 2020-10-14 | CVE-2020-8345 | Uncontrolled Search Path Element vulnerability in Lenovo Hardware Scan A DLL search path vulnerability was reported in the Lenovo HardwareScan Plugin for the Lenovo Vantage hardware scan feature prior to version 1.0.46.11 that could allow escalation of privilege. | 7.8 |
| 2020-10-14 | CVE-2020-8338 | Untrusted Search Path vulnerability in Lenovo Diagnostics A DLL search path vulnerability was reported in Lenovo Diagnostics prior to version 4.35.4 that could allow a user with local access to execute code on the system. | 7.8 |
| 2020-09-24 | CVE-2020-8333 | Unspecified vulnerability in Lenovo products A potential vulnerability in the SMI callback function used in the EEPROM driver in some Lenovo Desktops and ThinkStation models may allow arbitrary code execution | 7.8 |