Vulnerabilities > Lenovo > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-14 | CVE-2020-8318 | Improper Privilege Management vulnerability in Lenovo System Interface Foundation A privilege escalation vulnerability was reported in the LenovoSystemUpdatePlugin for Lenovo System Interface Foundation prior to version that could allow an authenticated user to execute code with elevated privileges. | 7.2 |
| 2020-03-27 | CVE-2015-8535 | Path Traversal vulnerability in Lenovo Solution Center MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. | 7.2 |
| 2020-03-27 | CVE-2015-8534 | Improper Privilege Management vulnerability in Lenovo Solution Center MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. | 7.2 |
| 2020-03-27 | CVE-2015-7334 | Improper Privilege Management vulnerability in Lenovo System Update 5.06.0027/5.06.0043/5.07.0008 MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. | 7.2 |
| 2020-03-27 | CVE-2015-7333 | Improper Privilege Management vulnerability in Lenovo System Update 5.06.0027/5.06.0043/5.07.0008 MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. | 7.2 |
| 2019-12-10 | CVE-2019-6183 | Unspecified vulnerability in Lenovo Energy Management 15.11.29.1 A denial of service vulnerability has been reported in Lenovo Energy Management Driver for Windows 10 versions prior to 15.11.29.7 that could cause systems to experience a blue screen error. | 7.8 |
| 2019-11-12 | CVE-2019-6188 | Unspecified vulnerability in Lenovo products The BIOS tamper detection mechanism was not triggered in Lenovo ThinkPad T460p, BIOS versions up to R07ET90W, and T470p, BIOS versions up to R0FET50W, which may allow for unauthorized access. | 7.5 |
| 2019-09-26 | CVE-2019-6175 | Unspecified vulnerability in Lenovo System Update A denial of service vulnerability was reported in Lenovo System Update versions prior to 5.07.0088 that could allow configuration files to be written to non-standard locations. | 7.8 |
| 2019-09-03 | CVE-2019-6179 | XXE vulnerability in Lenovo Xclarity Administrator and Xclarity Integrator An XML External Entity (XXE) processing vulnerability was reported in Lenovo XClarity Administrator (LXCA) prior to version 2.5.0 , Lenovo XClarity Integrator (LXCI) for Microsoft System Center prior to version 7.7.0, and Lenovo XClarity Integrator (LXCI) for VMWare vCenter prior to version 6.1.0 that could allow information disclosure. | 7.5 |
| 2019-08-19 | CVE-2019-6165 | Untrusted Search Path vulnerability in Lenovo Yoga 700-11Isk Firmware and Yoga 700-14Isk Firmware A DLL search path vulnerability was reported in PaperDisplay Hotkey Service version 1.2.0.8 that could allow privilege escalation. | 7.8 |