VYPR · Vendor CVEs · Lenovo · All CVEs

486 total · sorted by risk
  • CVE-2016-8221 · High · Jan 12, 2017
    risk 0.46 · cvss 7.0 · epss 0.00

    Privilege Escalation in Lenovo XClarity Administrator earlier than 1.2.0, if LXCA is used to manage rack switches or chassis with embedded input/output modules (IOMs), certain log files viewable by authenticated users may contain passwords for internal administrative LXCA…

  • CVE-2026-6090 · High · Jun 10, 2026
    risk 0.45 · cvss 7.0 · epss 0.00

    A potential authentication bypass was reported in Lenovo Smart Connect for Windows that could allow a local authenticated user to execute arbitrary code with elevated privileges.

  • CVE-2025-10238 · Medium · Jun 10, 2026
    risk 0.44 · cvss 6.7 · epss 0.00

    During an internal security assessment, a potential out-of-bounds write vulnerability was discovered in the BIOS of some ThinkPad products that could allow a privileged local user to execute code in System Management Mode (SMM).

  • CVE-2025-10237 · Medium · Jun 10, 2026
    risk 0.44 · cvss 6.7 · epss 0.00

    During an internal security assessment, a potential vulnerability was discovered in some ThinkPad embedded controller firmware that could allow a privileged local user to perform arbitrary reads or writes to privileged memory regions.

  • CVE-2026-1636 · Medium · Apr 15, 2026
    risk 0.44 · cvss 6.7 · epss 0.00

    A potential DLL hijacking vulnerability was reported in Lenovo Service Bridge that, under certain conditions, could allow a local authenticated user to execute code with elevated privileges.

  • CVE-2025-4371 · Medium · Aug 18, 2025
    risk 0.44 · cvss 6.8 · epss 0.00

    A potential vulnerability was reported in the Lenovo 510 FHD and Performance FHD web cameras that could allow an attacker with physical access to write arbitrary firmware updates to the device over a USB connection.

  • CVE-2025-4657 · Medium · Jul 17, 2025
    risk 0.44 · cvss 6.7 · epss 0.00

    A buffer overflow vulnerability was reported in the Lenovo Protection Driver, prior to version 5.1.1110.4231, used in Lenovo PC Manager, Lenovo Browser, and Lenovo App Store, that could allow a local attacker with elevated privileges to execute arbitrary code.

  • CVE-2025-1729 · Medium · Jul 17, 2025
    risk 0.44 · cvss 6.7 · epss 0.00

    A DLL hijacking vulnerability was reported in TrackPoint Quick Menu software that, under certain conditions, could allow a local attacker to escalate privileges.

  • CVE-2024-45102 · Medium · Jan 14, 2025
    risk 0.44 · cvss 6.8 · epss 0.00

    A privilege escalation vulnerability was discovered that could allow a valid, authenticated LXCA user to escalate their permissions for a connected XCC instance when using LXCA as a Single Sign On (SSO) provider for XCC instances.

  • CVE-2024-7756 · Medium · Sep 13, 2024
    risk 0.44 · cvss 6.8 · epss 0.00

    A potential vulnerability was reported in the ThinkPad L390 Yoga and 10w Notebook that could allow a local attacker to escalate privileges by accessing an embedded UEFI shell.

  • CVE-2024-4550 · Medium · Sep 13, 2024
    risk 0.44 · cvss 6.7 · epss 0.00

    A potential buffer overflow vulnerability was reported in some Lenovo ThinkSystem and ThinkStation products that could allow a local attacker with elevated privileges to execute arbitrary code.

  • CVE-2024-45105 · Medium · Sep 13, 2024
    risk 0.44 · cvss 6.7 · epss 0.00

    An internal product security audit discovered a UEFI SMM (System Management Mode) callout vulnerability in some ThinkSystem servers that could allow a local attacker with elevated privileges to execute arbitrary code.

  • CVE-2024-23593 · Medium · Apr 15, 2024
    risk 0.44 · cvss 6.7 · epss 0.00

    A vulnerability was reported in a system recovery bootloader that was part of the Lenovo preloaded Windows 7 and 8 operating systems from 2012 to 2014 that could allow a privileged attacker with local access to modify the boot manager and escalate privileges.

  • CVE-2023-25493 · Medium · Apr 5, 2024
    risk 0.44 · cvss 6.7 · epss 0.00

    A potential vulnerability was reported in the BIOS update tool driver for some Desktop, Smart Edge, Smart Office, and ThinkStation products that could allow a local user with elevated privileges to execute arbitrary code.

  • CVE-2018-9062 · Medium · Jul 19, 2018
    risk 0.44 · cvss 6.8 · epss 0.01

    In some Lenovo ThinkPad products, one BIOS region is not properly included in the checks, allowing injection of arbitrary code.

  • CVE-2015-3321 · Medium · Oct 3, 2017
    risk 0.44 · cvss 6.7 · epss 0.00

    Services and files in Lenovo Fingerprint Manager before 8.01.42 have incorrect ACLs, which allows local users to invalidate local checks and gain privileges via standard filesystem operations.

  • CVE-2017-3763 · Medium · Sep 22, 2017
    risk 0.44 · cvss 6.7 · epss 0.00

    An attacker who obtains access to the location where the LXCA file system is stored may be able to access credentials of local LXCA accounts in LXCA versions earlier than 1.3.2.

  • CVE-2017-3753 · Medium · Aug 10, 2017
    risk 0.44 · cvss 6.8 · epss 0.01

    A vulnerability has been identified in some Lenovo products that use UEFI (BIOS) code developed by American Megatrends, Inc. (AMI). With this vulnerability, conditions exist where an attacker with administrative privileges or physical access to a system may be able to run…

  • CVE-2017-3754 · Medium · Jul 17, 2017
    risk 0.44 · cvss 6.7 · epss 0.00

    Some Lenovo brand notebook systems do not have write protections properly configured in the system BIOS. This could enable an attacker with physical or administrative access to a system to be able to flash the BIOS with an arbitrary image and potentially run malicious BIOS code.

  • CVE-2026-4135 · Medium · Apr 15, 2026
    risk 0.43 · cvss 6.6 · epss 0.00

    During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix that, during installation, could allow a local authenticated user to perform an arbitrary file write with elevated privileges.

  • CVE-2025-8421 · Medium · Nov 12, 2025
    risk 0.43 · cvss 6.6 · epss 0.00

    An improper default permission vulnerability was reported in Lenovo Dock Manager that, under certain conditions during installation, could allow an authenticated local user to redirect log files with elevated privileges.

  • CVE-2026-0421 · Medium · Jan 14, 2026
    risk 0.42 · cvss 6.5 · epss 0.00

    A potential vulnerability was reported in the BIOS of L13 Gen 6, L13 Gen 6 2-in-1, L14 Gen 6, and L16 Gen 2 ThinkPads which could result in Secure Boot being disabled even when configured as “On” in the BIOS setup menu. This issue only affects systems where Secure Boot is…

  • CVE-2024-6004 · Medium · Aug 16, 2024
    risk 0.42 · cvss 6.5 · epss 0.00

    A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to deny printer connections until the system is rebooted.

  • CVE-2024-4781 · Medium · Aug 16, 2024
    risk 0.42 · cvss 6.5 · epss 0.00

    A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to crash printer communications until the system is rebooted.

  • CVE-2024-23594 · Medium · Apr 15, 2024
    risk 0.42 · cvss 6.4 · epss 0.00

    A buffer overflow vulnerability was reported in a system recovery bootloader that was part of the Lenovo preloaded Windows 7 and 8 operating systems from 2012 to 2014 that could allow a privileged attacker with local access to execute arbitrary code.

  • CVE-2023-4605 · Medium · Apr 5, 2024
    risk 0.42 · cvss 6.5 · epss 0.00

    A valid authenticated Lenovo XClarity Administrator (LXCA) user can potentially leverage an unauthenticated API endpoint to retrieve system event information.

  • CVE-2018-9074 · Medium · Sep 28, 2018
    risk 0.42 · cvss 6.5 · epss 0.01

    For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, the file upload functionality of the Content Explorer application is vulnerable to path traversal. As a result, users can upload files anywhere on the device's operating system as the root user.

  • CVE-2018-9070 · Medium · Jul 13, 2018
    risk 0.42 · cvss 6.4 · epss 0.00

    For the Lenovo Smart Assistant Android app versions earlier than 12.1.82, an attacker with physical access to the smart speaker can, by pressing a specific button sequence, enter factory test mode and enable a web service intended for testing the device. As with most test modes,…

  • CVE-2017-3750 · Medium · Jun 29, 2017
    risk 0.42 · cvss 6.4 · epss 0.00

    On Lenovo VIBE mobile phones, the Lenovo Security Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3749.

  • CVE-2017-3749 · Medium · Jun 29, 2017
    risk 0.42 · cvss 6.4 · epss 0.00

    On Lenovo VIBE mobile phones, the Idea Friend Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3750.

  • CVE-2017-3744 · Medium · Jun 20, 2017
    risk 0.42 · cvss 6.5 · epss 0.01

    In the IMM2 firmware of Lenovo System x servers, remote commands issued by LXCA or other utilities may be captured in the First Failure Data Capture (FFDC) service log if the service log is generated when that remote command is running. Captured command data may contain clear…

  • CVE-2016-6257 · Medium · Aug 2, 2016
    risk 0.42 · cvss 6.5 · epss 0.01

    The firmware in Lenovo Ultraslim dongles, as used with Lenovo Liteon SK-8861, Ultraslim Wireless, and Silver Silk keyboards and Liteon ZTM600 and Ultraslim Wireless mice, does not enforce incrementing AES counters, which allows remote attackers to inject encrypted keyboard input…

  • CVE-2024-23592 · Medium · Apr 5, 2024
    risk 0.41 · cvss 6.3 · epss 0.00

    An authentication bypass vulnerability was reported in Lenovo devices with Synaptics fingerprint readers that could allow an attacker with physical access to replay fingerprints and bypass Windows Hello authentication.

  • CVE-2016-8232 · Medium · Mar 1, 2017
    risk 0.40 · cvss 6.1 · epss 0.01

    Document Object Model (DOM)-based cross-site scripting vulnerability in the Advanced Management Module (AMM) versions earlier than 66Z of Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 allows an unauthenticated attacker with access to the AMM's IP address to send a crafted…

  • CVE-2016-4783 · Medium · May 23, 2016
    risk 0.40 · cvss 6.1 · epss 0.01

    Cross-site scripting (XSS) vulnerability in Lenovo SHAREit before 3.5.98_ww on Android before 4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)."

  • CVE-2016-1492 · Medium · Jan 26, 2016
    risk 0.40 · cvss 6.1 · epss 0.02

    The Wifi hotspot in Lenovo SHAREit before 3.5.48_ww for Android, when configured to receive files, does not require a password, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area.

  • CVE-2016-8106 · Medium · Jan 9, 2017
    risk 0.39 · cvss 5.9 · epss 0.05

    A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions.

  • CVE-2016-1344 · Medium · Mar 26, 2016
    risk 0.39 · cvss 5.9 · epss 0.03

    The IKEv2 implementation in Cisco IOS 15.0 through 15.6 and IOS XE 3.3 through 3.17 allows remote attackers to cause a denial of service (device reload) via fragmented packets, aka Bug ID CSCux38417.

  • CVE-2018-9069 · Medium · Oct 2, 2018
    risk 0.38 · cvss 5.9 · epss 0.01

    In some Lenovo IdeaPad consumer notebook models, a race condition in the BIOS flash device locking mechanism is not adequately protected against, potentially allowing an attacker with administrator access to alter the contents of BIOS.

  • CVE-2018-9080 · Medium · Sep 28, 2018
    risk 0.38 · cvss 5.9 · epss 0.01

    For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, by setting the Iomega cookie to a known value before logging into the NAS's web application, the NAS will not provide the user a new cookie value. This allows an attacker who knows the cookie's…

  • CVE-2025-13454 · Medium · Jan 14, 2026
    risk 0.36 · cvss 5.5 · epss 0.00

    A potential vulnerability was reported in ThinkPlus configuration software that could allow a local authenticated user to gain access to sensitive device information.

  • CVE-2025-13154 · Medium · Jan 14, 2026
    risk 0.36 · cvss 5.5 · epss 0.00

    An improper link following vulnerability was reported in the SmartPerformanceAddin for Lenovo Vantage that could allow an authenticated local user to perform an arbitrary file deletion with elevated privileges.

  • CVE-2025-9548 · Medium · Oct 15, 2025
    risk 0.36 · cvss 5.5 · epss 0.00

    A potential null pointer dereference vulnerability was reported in the Lenovo Power Management Driver that could allow a local authenticated user to cause a Windows blue screen error.

  • CVE-2017-3747 · Medium · Jun 29, 2017
    risk 0.36 · cvss 5.5 · epss 0.00

    Privilege escalation vulnerability in Lenovo Nerve Center for Windows 10 on Desktop systems (Lenovo Nerve Center for notebook systems is not affected) that could allow an attacker with local privileges on a system to alter registry keys.

  • CVE-2017-3740 · Medium · Jun 4, 2017
    risk 0.36 · cvss 5.5 · epss 0.00

    In Lenovo Active Protection System before 1.82.0.14, an attacker with local privileges could send commands to the system's embedded controller, which could cause a denial of service attack on the system or the ability to alter hardware functionality.

  • CVE-2016-5248 · Medium · Jun 30, 2016
    risk 0.36 · cvss 5.5 · epss 0.00

    The StopProxy command in LSC.Services.SystemService in Lenovo Solution Center before 3.3.003 allows local users to terminate arbitrary processes via the PID argument.

  • CVE-2025-9214 · Medium · Sep 11, 2025
    risk 0.35 · cvss 5.4 · epss 0.00

    A missing authentication vulnerability was reported in some Lenovo printers that could allow a user to view limited device information or modify network settings via the CUPS service.

  • CVE-2017-3764 · Medium · Nov 30, 2017
    risk 0.35 · cvss 5.3 · epss 0.01

    A vulnerability was identified in Lenovo XClarity Administrator (LXCA) before 1.4.0 where LXCA user account names may be exposed to unauthenticated users with access to the LXCA web user interface. No password information of the user accounts is exposed.

  • CVE-2015-8108 · Medium · Apr 12, 2016
    risk 0.35 · cvss 5.3 · epss 0.01

    The management interface in LenovoEMC EZ Media & Backup (hm3), ix2/ix2-dl, ix4-300d, px12-400r/450r, px6-300d, px2-300d, px4-300r, px4-400d, px4-400r, and px4-300d NAS devices with firmware before 4.1.204.33661 allows remote attackers to obtain sensitive device information via…

  • CVE-2025-12047 · Medium · Nov 12, 2025
    risk 0.34 · cvss 5.3 · epss 0.00

    A vulnerability was reported in the Lenovo Scanner pro application during an internal security assessment that, under certain circumstances, could allow an attacker on the same logical network to disclose sensitive user files from the application.

Page 3 of 10