384 matches found
EUVD-2026-11359
An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to delete arbitrary registry keys with elevated privileges...
EUVD-2026-11365
During an internal security assessment, a potential vulnerability was discovered in Lenovo PC Manager that could allow a local authenticated user to terminate privileged processes...
EUVD-2026-11350
A potential vulnerability was reported in the Lenovo FileZ Android application that, under certain conditions, could allow a local authenticated user to retrieve some sensitive data stored in a log file...
CVE-2026-2640
During an internal security assessment, a potential vulnerability was discovered in Lenovo PC Manager that could allow a local authenticated user to terminate privileged processes...
CVE-2026-1653
A potential divide by zero vulnerability was reported in the Lenovo Virtual Bus driver used in Smart Connect that could allow a local authenticated user to cause a Windows blue screen error...
CVE-2026-1652
A potential buffer overflow vulnerability was reported in the Lenovo Virtual Bus driver used in Smart Connect that could allow a local authenticated user to corrupt memory and cause a Windows blue screen error...
CVE-2026-2640
CVE-2026-2640 affects Lenovo PC Manager. A local authenticated user could terminate privileged processes. CVSS metrics from Lenovo PSIRT: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (3.1) and CVSS v4.0: AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/SC:N/VI:N/SI:N/VA:H. No explicit root cause, affected component version,...
CVE-2026-2640
During an internal security assessment, a potential vulnerability was discovered in Lenovo PC Manager that could allow a local authenticated user to terminate privileged processes...
CVE-2026-2640
During an internal security assessment, a potential vulnerability was discovered in Lenovo PC Manager that could allow a local authenticated user to terminate privileged processes...
CVE-2026-2640
During an internal security assessment, a potential vulnerability was discovered in Lenovo PC Manager that could allow a local authenticated user to terminate privileged processes...
CVE-2026-1717
CVE-2026-1717 affects the LenovoProductivitySystemAddin used in Lenovo Vantage and Lenovo Baiying. An input validation vulnerability allows a local authenticated user to terminate arbitrary processes with elevated privileges. The advisory provides two CVSS assessments: CVSSv3.1 base score 5.5 (LO...
CVE-2026-1717
An input validation vulnerability was reported in the LenovoProductivitySystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to terminate arbitrary processes with elevated privileges...
CVE-2026-1715
An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to modify arbitrary registry keys with elevated privileges...
CVE-2026-1715
An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to modify arbitrary registry keys with elevated privileges...
CVE-2026-1653
A potential divide by zero vulnerability was reported in the Lenovo Virtual Bus driver used in Smart Connect that could allow a local authenticated user to cause a Windows blue screen error...
CVE-2026-1653
CVE-2026-1653 relates to the Lenovo Virtual Bus driver in Smart Connect. The advisory describes a potential divide-by-zero condition that could allow a local authenticated user to trigger a Windows blue screen (BSOD), impacting availability. The CVSS metrics indicate local attack vector/low compl...
CVE-2026-1652
A potential buffer overflow vulnerability was reported in the Lenovo Virtual Bus driver used in Smart Connect that could allow a local authenticated user to corrupt memory and cause a Windows blue screen error...
CVE-2026-1652
A potential buffer overflow vulnerability was reported in the Lenovo Virtual Bus driver used in Smart Connect that could allow a local authenticated user to corrupt memory and cause a Windows blue screen error...
CVE-2026-0520
A potential vulnerability was reported in the Lenovo FileZ Android application that, under certain conditions, could allow a local authenticated user to retrieve some sensitive data stored in a log file...
CVE-2026-0520
Lenovo FileZ Android app vulnerability CVE-2026-0520: under certain conditions, a local authenticated user could retrieve some sensitive data stored in a log file. Exploitation details are not provided in the documents. CVSS v3.1/v4.0 indicate low impact (Confidentiality LOW, Privileges LOW, User...