Vulnerabilities > Lenovo > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-22 | CVE-2022-0192 | Uncontrolled Search Path Element vulnerability in Lenovo Pcmanager A DLL search path vulnerability was reported in Lenovo PCManager prior to version 4.0.40.2175 that could allow privilege escalation. | 7.8 |
| 2022-04-22 | CVE-2022-0354 | Unspecified vulnerability in Lenovo System Update A vulnerability was reported in Lenovo System Update that could allow a local user with interactive system access the ability to execute code with elevated privileges only during the installation of a System Update package released before 2022-02-25 that displays a command prompt window. | 7.8 |
| 2021-11-12 | CVE-2021-3840 | Uncontrolled Search Path Element vulnerability in Lenovo Antilles 1.0.0 A dependency confusion vulnerability was reported in the Antilles open-source software prior to version 1.0.1 that could allow for remote code execution during installation due to a package listed in requirements.txt not existing in the public package index (PyPi). | 8.8 |
| 2021-08-17 | CVE-2021-3617 | Command Injection vulnerability in Lenovo products A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow command injection by setting a specially crafted network configuration. | 7.2 |
| 2021-08-17 | CVE-2021-3633 | Uncontrolled Search Path Element vulnerability in Lenovo Drivers Management 2.7.1128.1046 A DLL preloading vulnerability was reported in Lenovo Driver Management prior to version 2.9.0719.1104 that could allow privilege escalation. | 7.8 |
| 2021-07-16 | CVE-2021-3550 | Uncontrolled Search Path Element vulnerability in Lenovo Pcmanager A DLL search path vulnerability was reported in Lenovo PCManager, prior to version 3.0.500.5102, that could allow privilege escalation. | 7.8 |
| 2021-04-27 | CVE-2021-3464 | Uncontrolled Search Path Element vulnerability in Lenovo Pcmanager A DLL search path vulnerability was reported in Lenovo PCManager, prior to version 3.0.400.3252, that could allow privilege escalation. | 7.8 |
| 2021-04-13 | CVE-2021-3462 | Unspecified vulnerability in Lenovo Power Management Driver A privilege escalation vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could allow unauthorized access to the driver's device object. | 7.8 |
| 2020-11-30 | CVE-2020-8351 | Improper Privilege Management vulnerability in Lenovo Pcmanager 2.6.40.3154/2.8.90.11211 A privilege escalation vulnerability was reported in Lenovo PCManager prior to version 3.0.50.9162 that could allow an authenticated user to execute code with elevated privileges. | 7.8 |
| 2020-10-14 | CVE-2020-8350 | Improper Authentication vulnerability in Lenovo Thinkpad Stack Wireless Router Firmware 1.1.3.4 An authentication bypass vulnerability was reported in Lenovo ThinkPad Stack Wireless Router firmware version 1.1.3.4 that could allow escalation of privilege. | 8.8 |