Vulnerabilities > Lenovo > Thinkserver Rd440 Firmware > 50.00

DATE CVE VULNERABILITY TITLE RISK
2018-11-16 CVE-2018-9086 OS Command Injection vulnerability in Lenovo products
In some Lenovo ThinkServer-branded servers, a command injection vulnerability exists in the BMC firmware download command.
network
low complexity
lenovo CWE-78
7.2
2018-04-23 CVE-2017-17833 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability.
network
low complexity
openslp debian canonical redhat lenovo CWE-119
critical
9.8