Lucene search

K

System Interface Foundation Security Vulnerabilities

cve
cve

CVE-2021-3969

A Time of Check Time of Use (TOCTOU) vulnerability was reported in IMController, a software component of Lenovo System Interface Foundation, prior to version 1.1.20.3that could allow a local attacker to elevate...

7.8CVSS

6.7AI Score

0.0004EPSS

2022-05-18 04:15 PM
42
2
cve
cve

CVE-2021-3922

A race condition vulnerability was reported in IMController, a software component of Lenovo System Interface Foundation, prior to version 1.1.20.3 that could allow a local attacker to connect and interact with the IMController child process' named...

7.8CVSS

6.6AI Score

0.0004EPSS

2022-05-18 04:15 PM
38
2
cve
cve

CVE-2021-45105

Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue...

5.9CVSS

7.5AI Score

0.966EPSS

2021-12-18 12:15 PM
752
In Wild
4
cve
cve

CVE-2020-8346

A denial of service vulnerability was reported in the Lenovo Vantage component called Lenovo System Interface Foundation prior to version 1.1.19.5 that could allow configuration files to be written to non-standard...

5.5CVSS

5.4AI Score

0.0004EPSS

2020-09-15 03:15 PM
21
cve
cve

CVE-2020-8324

A vulnerability was reported in LenovoAppScenarioPluginSystem for Lenovo System Interface Foundation prior to version 1.2.184.31 that could allow unsigned DLL files to be...

5.5CVSS

6.2AI Score

0.0004EPSS

2020-04-14 09:15 PM
51
cve
cve

CVE-2020-8319

A privilege escalation vulnerability was reported in Lenovo System Interface Foundation prior to version 1.1.19.3 that could allow an authenticated user to execute code with elevated...

7.8CVSS

7.8AI Score

0.0004EPSS

2020-04-14 09:15 PM
50
cve
cve

CVE-2020-8318

A privilege escalation vulnerability was reported in the LenovoSystemUpdatePlugin for Lenovo System Interface Foundation prior to version that could allow an authenticated user to execute code with elevated...

7.8CVSS

7.8AI Score

0.0004EPSS

2020-04-14 09:15 PM
49
cve
cve

CVE-2019-6189

A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an administrative user to load an unsigned...

7.8CVSS

8.1AI Score

0.001EPSS

2019-11-20 02:15 AM
69
cve
cve

CVE-2019-6186

A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an authenticated user to execute code as another...

8.8CVSS

8.6AI Score

0.001EPSS

2019-11-20 02:15 AM
72
cve
cve

CVE-2016-8223

During an internal security review, Lenovo identified a local privilege escalation vulnerability in Lenovo System Interface Foundation software installed on some Windows 10 PCs where a user with local privileges could run arbitrary code with administrator level...

7.8CVSS

7.8AI Score

0.0004EPSS

2016-11-29 08:59 PM
23