Vulnerabilities > Lenovo > Thinkserver Td340 Firmware

DATE CVE VULNERABILITY TITLE RISK
2018-11-16 CVE-2018-9086 OS Command Injection vulnerability in Lenovo products
In some Lenovo ThinkServer-branded servers, a command injection vulnerability exists in the BMC firmware download command.
network
low complexity
lenovo CWE-78
7.2
2018-04-23 CVE-2017-17833 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability.
network
low complexity
openslp debian canonical redhat lenovo CWE-119
critical
9.8
2017-08-10 CVE-2017-3753 Code Injection vulnerability in Lenovo products
A vulnerability has been identified in some Lenovo products that use UEFI (BIOS) code developed by American Megatrends, Inc.
low complexity
lenovo CWE-94
6.8