Lucene search
K

14 matches found

Vulnrichment
Vulnrichment
added 2026/06/10 2:11 p.m.8 views

CVE-2025-10238

During an internal security assessment, a potential out-of-bounds write vulnerability was discovered in the BIOS of some ThinkPad products could allow a privileged local user to execute code in System Management Mode SMM...

8.4CVSS5.7AI score0.00121EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/15 12:28 p.m.3 views

CVE-2026-4134

During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix, that during installation could allow a local authenticated user to execute code with elevated privileges...

7.3CVSS5.9AI score0.00114EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/15 12:0 a.m.6 views

PT-2026-33059

During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix, that during installation could allow a local authenticated user to execute code with elevated privileges...

7.3CVSS5.9AI score0.00114EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/15 12:0 a.m.10 views

PT-2026-33061

During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix that could allow a local authenticated user to perform arbitrary code execution with elevated privileges...

8.5CVSS6.3AI score0.00196EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/11/13 8:3 p.m.4 views

CVE-2025-12048

An arbitrary file upload vulnerability was reported in the Lenovo Scanner Pro client during an internal security assessment that could allow remote code execution or unauthorized control of the affected system...

7.7CVSS8.3AI score0.00221EPSS
Exploits0References1
NVD
NVD
added 2025/11/12 8:15 p.m.10 views

CVE-2025-12047

A vulnerability was reported in the Lenovo Scanner pro application during an internal security assessment that, under certain circumstances, could allow an attacker on the same logical network to disclose sensitive user files from the application...

6CVSS0.00168EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/12 7:19 p.m.2 views

CVE-2025-12048

An arbitrary file upload vulnerability was reported in the Lenovo Scanner Pro client during an internal security assessment that could allow remote code execution or unauthorized control of the affected system...

7.7CVSS7.9AI score0.00221EPSS
Exploits0References1
CVE
CVE
added 2025/11/12 7:18 p.m.11 views

CVE-2025-12047

Lenovo Scanner Pro is reported to have a vulnerability that, under certain conditions during an internal security assessment, could allow an attacker on the same logical network to disclose sensitive user files from the application. The available documents provide a high-level impact description ...

6CVSS6.1AI score0.00168EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/12 7:18 p.m.2 views

CVE-2025-12047

A vulnerability was reported in the Lenovo Scanner pro application during an internal security assessment that, under certain circumstances, could allow an attacker on the same logical network to disclose sensitive user files from the application...

6CVSS6.1AI score0.00168EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/13 7:28 p.m.6 views

CVE-2025-9201

A potential DLL hijacking vulnerability was discovered in Lenovo Browser during an internal security assessment that could allow a local user to execute code with elevated privileges...

8.5CVSS7.1AI score0.00155EPSS
Exploits0References1
CVE
CVE
added 2025/09/11 6:32 p.m.16 views

CVE-2025-9201

CVE-2025-9201 corresponds to a DLL hijacking vulnerability in Lenovo Browser that could allow a local user to execute code with elevated privileges. Connected sources explicitly reference Lenovo Browser and describe the issue as a local privilege escalation via DLL hijacking, but they do not prov...

8.5CVSS6.8AI score0.00155EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/14 5:26 a.m.11 views

CVE-2025-7622

During an internal security assessment, a Server-Side Request Forgery SSRF vulnerability that allowed an authenticated attacker to access internal resources on the server was discovered...

5.1CVSS7.1AI score0.00151EPSS
Exploits0References1
CVE
CVE
added 2025/08/12 5:9 a.m.25 views

CVE-2025-7622

CVE-2025-7622 describes a Server-Side Request Forgery (SSRF) vulnerability affecting Axis Camera Station/Axis Camera Station Pro, observed during internal security assessments. The authenticated attacker could access internal server resources via SSRF. The core issue is an SSRF condition that ena...

5.7CVSS7AI score0.00151EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2025/08/12 5:9 a.m.6 views

CVE-2025-7622

During an internal security assessment, a Server-Side Request Forgery SSRF vulnerability that allowed an authenticated attacker to access internal resources on the server was discovered...

5.1CVSS0.00151EPSS
Exploits0References1
Rows per page
Query Builder