Vulnerabilities > Lenovo > Thinkserver Rd640 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-16 | CVE-2018-9086 | OS Command Injection vulnerability in Lenovo products In some Lenovo ThinkServer-branded servers, a command injection vulnerability exists in the BMC firmware download command. | 7.2 |
| 2018-04-23 | CVE-2017-17833 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability. | 9.8 |
| 2017-08-10 | CVE-2017-3753 | Code Injection vulnerability in Lenovo products A vulnerability has been identified in some Lenovo products that use UEFI (BIOS) code developed by American Megatrends, Inc. | 6.8 |