Vulnerabilities > Lenovo > Thinkserver Ts450 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-01-30 CVE-2022-40134 Out-of-bounds Read vulnerability in Lenovo products
An information leak vulnerability in the SMI Set BIOS Password SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory.
local
low complexity
lenovo CWE-125
4.4
2023-01-30 CVE-2022-40137 Classic Buffer Overflow vulnerability in Lenovo products
A buffer overflow in the WMI SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to execute arbitrary code.
local
low complexity
lenovo CWE-120
6.7
2022-12-26 CVE-2019-19705 Unquoted Search Path or Element vulnerability in Lenovo products
Realtek Audio Drivers for Windows, as used on the Lenovo ThinkPad X1 Carbon 20A7, 20A8, 20BS, and 20BT before 6.0.8882.1 and 20KH and 20KG before 6.0.8907.1 (and on many other Lenovo and non-Lenovo products), mishandles DLL preloading.
local
low complexity
lenovo CWE-428
7.8
2017-08-10 CVE-2017-3753 Code Injection vulnerability in Lenovo products
A vulnerability has been identified in some Lenovo products that use UEFI (BIOS) code developed by American Megatrends, Inc.
low complexity
lenovo CWE-94
6.8