Lucene search
+L

4467 matches found

EUVD
EUVD
added 2 days ago5 views

EUVD-2026-44978

The Lenovo XClarity Integrator for Windows Admin Center plugin version 5.1.1 and below running on the WAC Gateway is vulnerable to Powershell Command Injection when establishing remote PowerShell commands...

8.8CVSS6.1AI score0.00757EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2 days ago4 views

CVE-2026-14371

The Lenovo XClarity Integrator for Windows Admin Center plugin version 5.1.1 and below running on the WAC Gateway is vulnerable to Powershell Command Injection when establishing remote PowerShell commands...

8.8CVSS6.1AI score0.00757EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2 days ago7 views

CVE-2026-13104

Technical details for CVE-2026-13104 are not publicly available in the provided documents. Monitor for updates from Lenovo and security advisories; current entries only note a local authenticated arbitrary-code risk with elevated privileges.

7.3CVSS6.3AI score0.00112EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-44977

A potential vulnerability was reported in Lenovo App Store, distributed exclusively in the Chinese market, that could allow a local authenticated user to execute arbitrary code with elevated privileges...

7.3CVSS6.3AI score0.00112EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2 days ago4 views

CVE-2026-13104

A potential vulnerability was reported in Lenovo App Store, distributed exclusively in the Chinese market, that could allow a local authenticated user to execute arbitrary code with elevated privileges...

7.3CVSS6.3AI score0.00112EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2 days ago4 views

CVE-2026-13103

A potential path traversal vulnerability was reported in Lenovo App Store, distributed exclusively in the Chinese market, that could allow a local authenticated user to execute arbitrary code...

7.3CVSS6.3AI score0.00132EPSS
Exploits0References2
CVE
CVE
added 2 days ago9 views

CVE-2026-13103

Lenovo App Store (Chinese market) contains a path traversal vulnerability allowing a local authenticated user to execute arbitrary code. The issue affects the package/component handling file paths, with impact on confidentiality, integrity, and availability reported as high. CVSS: from the report...

7.3CVSS6.3AI score0.00132EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-44976

A potential path traversal vulnerability was reported in Lenovo App Store, distributed exclusively in the Chinese market, that could allow a local authenticated user to execute arbitrary code...

7.3CVSS6.3AI score0.00132EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2 days ago5 views

CVE-2026-9046

A potential insecure permissions vulnerability was reported in Legion Zone and the Lenovo App Store Windows applications, distributed exclusively in the Chinese market, that when installed on a non‑system partition, could allow a local user to execute arbitrary code...

7.3CVSS6.3AI score0.00085EPSS
Exploits0References2
CVE
CVE
added 2 days ago9 views

CVE-2026-9046

CVE-2026-9046 describes an insecure-permissions issue affecting Windows deployments of Legion Zone and Lenovo App Store (Chinese market). When installed on a non-system partition, a local user could potentially execute arbitrary code due to insufficient access controls. The vulnerability is class...

7.3CVSS6.3AI score0.00085EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-44975

A potential insecure permissions vulnerability was reported in Legion Zone and the Lenovo App Store Windows applications, distributed exclusively in the Chinese market, that when installed on a non‑system partition, could allow a local user to execute arbitrary code...

7.3CVSS6.3AI score0.00085EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-44974

During an internal security assessment, a potential improper access control vulnerability was discovered in Lenovo Smart Connect for Windows that could allow a local authenticated user to access files owned by a different user on the same system...

6.8CVSS6.1AI score0.00134EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2 days ago5 views

CVE-2026-6511

During an internal security assessment, a potential improper access control vulnerability was discovered in Lenovo Smart Connect for Windows that could allow a local authenticated user to access files owned by a different user on the same system...

6.8CVSS6.1AI score0.00134EPSS
Exploits0References3
CVE
CVE
added 2 days ago10 views

CVE-2026-6511

CVE-2026-6511 : Lenovo Smart Connect for Windows is reported to have an improper access control vulnerability that could allow a local authenticated user to access files owned by another user on the same system. The issue is described as local, with low attack complexity and the attack requires l...

6.8CVSS6.1AI score0.00134EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2 days ago10 views

PT-2026-60521

Name of the Vulnerable Software and Affected Versions Legion Zone affected versions not specified Lenovo App Store affected versions not specified Description Insecure permissions in the Legion Zone and Lenovo App Store Windows applications, distributed exclusively in the Chinese market, may allo...

7.3CVSS5.9AI score0.00085EPSS
Exploits0References3
CVE
CVE
added 2026/07/07 8:33 p.m.32 views

CVE-2026-58583

CVE-2026-58583 affects FluxInk Color Management Driver (TcnPeripheral64.sys) 1.0.7.2, enabling local privilege escalation for a standard user via arbitrary physical memory mapping at \Device\PhysicalMemory. Root cause: memory mapping vulnerability in the driver. Impact: potential elevation of pri...

8.4CVSS6AI score0.00101EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/07 8:33 p.m.10 views

EUVD-2026-42094

FluxInk formerly Sunia SPB Peripheral Color Management Driver TcnPeripheral64.sys 1.0.7.2 allows local privilege escalation for a standard user account via arbitrary physical memory mapping at \Device\PhysicalMemory. Fixed in version 1.0.7.6. The fixed driver is currently available in the Windows...

8.4CVSS6AI score0.00101EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/07/07 8:33 p.m.8 views

CVE-2026-58583

FluxInk formerly Sunia SPB Peripheral Color Management Driver TcnPeripheral64.sys 1.0.7.2 allows local privilege escalation for a standard user account via arbitrary physical memory mapping at \Device\PhysicalMemory. Fixed in version 1.0.7.6. The fixed driver is currently available in the Windows...

8.4CVSS6AI score0.00101EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.12 views

CVE-2026-7516

A vulnerability was identified in the Lenovo Android Application, distributed exclusively on tablets in the Chinese market, that could allow a website visited by the built-in browser to overwrite system clipboard contents...

5.1CVSS5.5AI score0.00171EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.18 views

CVE-2026-6090

A potential authentication bypass was reported in Lenovo Smart Connect for Windows that could allow a local authenticated user to execute arbitrary code with elevated privileges...

7.3CVSS6AI score0.00108EPSS
Exploits0References1
Rows per page
Query Builder