Vulnerabilities > Lenovo > Thinkpad X1 Carbon Firmware > 6.0.8882.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-26 | CVE-2019-19705 | Unquoted Search Path or Element vulnerability in Lenovo products Realtek Audio Drivers for Windows, as used on the Lenovo ThinkPad X1 Carbon 20A7, 20A8, 20BS, and 20BT before 6.0.8882.1 and 20KH and 20KG before 6.0.8907.1 (and on many other Lenovo and non-Lenovo products), mishandles DLL preloading. | 7.8 |
| 2020-06-09 | CVE-2020-8323 | Unspecified vulnerability in Lenovo products A potential vulnerability in the SMI callback function used in the Legacy SD driver in some Lenovo ThinkPad, ThinkStation, and Lenovo Notebook models may allow arbitrary code execution. | 6.7 |
| 2020-06-09 | CVE-2020-8320 | Improper Privilege Management vulnerability in Lenovo products An internal shell was included in BIOS image in some ThinkPad models that could allow escalation of privilege. | 6.8 |
| 2019-08-29 | CVE-2019-10724 | Unspecified vulnerability in Lenovo products There is a vulnerability with the Dolby DAX2 API system services in which a low-privileged user can terminate arbitrary processes that are running at a higher privilege. | 6.5 |
| 2018-07-19 | CVE-2018-9062 | Injection vulnerability in Lenovo products In some Lenovo ThinkPad products, one BIOS region is not properly included in the checks, allowing injection of arbitrary code. | 6.8 |