Vulnerabilities > Lenovo > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-17 | CVE-2021-3616 | Unspecified vulnerability in Lenovo products A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow an unauthorized user to view device information, alter firmware content and device configuration. | 7.5 |
| 2021-04-27 | CVE-2021-3464 | Uncontrolled Search Path Element vulnerability in Lenovo Pcmanager 3.0.200.2042/3.0.50.9162 A DLL search path vulnerability was reported in Lenovo PCManager, prior to version 3.0.400.3252, that could allow privilege escalation. | 7.2 |
| 2021-04-13 | CVE-2021-3462 | Unspecified vulnerability in Lenovo Power Management Driver A privilege escalation vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could allow unauthorized access to the driver's device object. | 7.8 |
| 2020-11-11 | CVE-2020-8354 | Unspecified vulnerability in Lenovo Notebook Firmware A potential vulnerability in the SMI callback function used in the VariableServiceSmm driver in some Lenovo Notebook models may allow arbitrary code execution. | 7.2 |
| 2020-10-14 | CVE-2020-8338 | Untrusted Search Path vulnerability in Lenovo Diagnostics A DLL search path vulnerability was reported in Lenovo Diagnostics prior to version 4.35.4 that could allow a user with local access to execute code on the system. | 7.2 |
| 2020-09-24 | CVE-2020-8333 | Unspecified vulnerability in Lenovo products A potential vulnerability in the SMI callback function used in the EEPROM driver in some Lenovo Desktops and ThinkStation models may allow arbitrary code execution | 7.2 |
| 2020-05-28 | CVE-2020-8330 | Improper Input Validation vulnerability in Lenovo products A denial of service vulnerability was reported in the firmware prior to version 1.01 used in Lenovo Printer LJ4010DN that could be triggered by a remote user sending a crafted packet to the device, preventing subsequent print jobs until the printer is rebooted. | 7.8 |
| 2020-05-28 | CVE-2020-8329 | Improper Input Validation vulnerability in Lenovo products A denial of service vulnerability was reported in the firmware prior to version 1.01 used in Lenovo Printer LJ4010DN that could be triggered by a remote user sending a crafted packet to the device, causing an error to be displayed and preventing printer from functioning until the printer is rebooted. | 7.8 |
| 2020-04-14 | CVE-2020-8327 | Improper Privilege Management vulnerability in Lenovo Vantage 10.2001.12.0 A privilege escalation vulnerability was reported in LenovoBatteryGaugePackage for Lenovo System Interface Foundation bundled in Lenovo Vantage prior to version 10.2003.10.0 that could allow an authenticated user to execute code with elevated privileges. | 7.2 |
| 2020-04-14 | CVE-2020-8319 | Improper Privilege Management vulnerability in Lenovo System Interface Foundation 1.0.66.0/1.1.18.3 A privilege escalation vulnerability was reported in Lenovo System Interface Foundation prior to version 1.1.19.3 that could allow an authenticated user to execute code with elevated privileges. | 7.2 |