Lenovo Browser
by Lenovo
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-12046 | Hig | 0.51 | 7.8 | 0.00 | Dec 10, 2025 | A DLL hijacking vulnerability was reported in the Lenovo App Store and Lenovo Browser applications that could allow a local authenticated user to execute code with elevated privileges under certain conditions. | ||
| CVE-2025-6248 | Hig | 0.48 | 7.4 | 0.00 | Jul 17, 2025 | A cross-site scripting (XSS) vulnerability was reported in the Lenovo Browser that could allow an attacker to obtain sensitive information if a user visits a web page with specially crafted content. | ||
| CVE-2024-10254 | Med | 0.31 | 4.7 | 0.00 | Jan 14, 2025 | A potential buffer overflow vulnerability was reported in PC Manager, Lenovo Browser, and Lenovo App Store that could allow a local attacker to cause a system crash. | ||
| CVE-2024-10253 | Med | 0.31 | 4.7 | 0.00 | Jan 14, 2025 | A potential TOCTOU vulnerability was reported in PC Manager, Lenovo Browser, and Lenovo App Store that could allow a local attacker to cause a system crash. | ||
| CVE-2023-6540 | 0.00 | — | 0.01 | Jan 3, 2024 | A vulnerability was reported in the Lenovo Browser Mobile and Lenovo Browser HD Apps for Android that could allow an attacker to craft a payload that could result in the disclosure of sensitive information. |
- risk 0.51cvss 7.8epss 0.00
A DLL hijacking vulnerability was reported in the Lenovo App Store and Lenovo Browser applications that could allow a local authenticated user to execute code with elevated privileges under certain conditions.
- risk 0.48cvss 7.4epss 0.00
A cross-site scripting (XSS) vulnerability was reported in the Lenovo Browser that could allow an attacker to obtain sensitive information if a user visits a web page with specially crafted content.
- risk 0.31cvss 4.7epss 0.00
A potential buffer overflow vulnerability was reported in PC Manager, Lenovo Browser, and Lenovo App Store that could allow a local attacker to cause a system crash.
- risk 0.31cvss 4.7epss 0.00
A potential TOCTOU vulnerability was reported in PC Manager, Lenovo Browser, and Lenovo App Store that could allow a local attacker to cause a system crash.
- CVE-2023-6540Jan 3, 2024risk 0.00cvss —epss 0.01
A vulnerability was reported in the Lenovo Browser Mobile and Lenovo Browser HD Apps for Android that could allow an attacker to craft a payload that could result in the disclosure of sensitive information.