Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1255 matches found

Vulnrichment
Vulnrichmentadded 2023/01/23 4:11 p.m.5 views

CVE-2022-3430

A potential vulnerability in the WMI Setup driver on some consumer Lenovo Notebook devices may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable...

6.7CVSS7.1AI score0.00049EPSS
Exploits0References1
Cvelist
Cvelistadded 2023/01/23 4:11 p.m.18 views

CVE-2022-3430

A potential vulnerability in the WMI Setup driver on some consumer Lenovo Notebook devices may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable...

6.7CVSS6.7AI score0.00049EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2023/01/23 3:31 p.m.4 views

CVE-2022-1892

A buffer overflow in the SystemBootManagerDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code...

6.7CVSS8AI score0.00043EPSS
Exploits0References1
CVE
CVEadded 2023/01/23 3:31 p.m.50 views

CVE-2022-1892

CVE-2022-1892: A buffer overflow in Lenovo SystemBootManagerDxe (and related ReadyBootDxe/SystemLoadDefaultDxe drivers) is caused by insufficient validation of the DataSize NVRAM variable, enabling local privilege escalation and arbitrary code execution on affected Lenovo Notebook firmware. Mitig...

7.8CVSS8AI score0.00043EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2023/01/23 3:31 p.m.15 views

CVE-2022-1892

A buffer overflow in the SystemBootManagerDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code...

6.7CVSS8.2AI score0.00043EPSS
Exploits0References1
Cvelist
Cvelistadded 2023/01/23 3:25 p.m.16 views

CVE-2022-1891

A buffer overflow in the SystemLoadDefaultDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code...

6.7CVSS8.2AI score0.00043EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2023/01/23 3:25 p.m.6 views

CVE-2022-1891

A buffer overflow in the SystemLoadDefaultDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code...

6.7CVSS7.4AI score0.00043EPSS
Exploits0References1
CVE
CVEadded 2023/01/23 3:25 p.m.48 views

CVE-2022-1891

CVE-2022-1891 concerns a buffer overflow in Lenovo Notebook firmware, specifically the SystemLoadDefaultDxe driver (also involving ReadyBootDxe and SystemBootManagerDxe). The root cause is insufficient validation of an NVRAM DataSize variable, enabling local privilege escalation to arbitrary code...

7.8CVSS8AI score0.00043EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2023/01/23 3:18 p.m.19 views

CVE-2022-1890

A buffer overflow in the ReadyBootDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code...

6.7CVSS8.2AI score0.00043EPSS
Exploits0References1
CVE
CVEadded 2023/01/23 3:18 p.m.39 views

CVE-2022-1890

CVE-2022-1890 affects Lenovo Notebook products via a buffer overflow in the ReadyBootDxe driver (and related drivers ReadyBootDxe/SystemLoadDefaultDxe/SystemBootManagerDxe). The root cause is insufficient validation of an NVRAM variable (DataSize), enabling local-privilege arbitrary code executio...

7.8CVSS8AI score0.00043EPSS
Exploits0References1Affected Software1
CNNVD
CNNVDadded 2023/01/23 12:0 a.m.3 views

Lenovo Notebook 安全漏洞

Lenovo Notebook is a laptop computer from Lenovo, a Chinese company. The Lenovo Notebook suffers from a security vulnerability that stems from a potential flaw in the WMI installation driver, which could allow an attacker with elevated privileges to modify the secure boot settings by modifying th...

6.7CVSS6.8AI score0.00049EPSS
Exploits0References2
CNVD
CNVDadded 2022/12/20 12:0 a.m.25 views

Apache Zeppelin input validation error vulnerability

Apache Zeppelin is a Web-based open source notebook application from the Apache Foundation that supports interactive data analysis and collaborative documentation. Apache Zeppelin is vulnerable to an input validation error that results from improper input validation in its Move folder to Trash...

6.5CVSS2.9AI score0.0032EPSS
Exploits0References1
NVD
NVDadded 2022/11/28 1:15 p.m.10 views

CVE-2022-4020

Vulnerability in the HQSwSmiDxe DXE driver on some consumer Acer Notebook devices may allow an attacker with elevated privileges to modify UEFI Secure Boot settings by modifying an NVRAM variable...

8.2CVSS0.00141EPSS
Exploits0References1
Prion
Prionadded 2022/11/28 1:15 p.m.17 views

Design/Logic Flaw

Vulnerability in the HQSwSmiDxe DXE driver on some consumer Acer Notebook devices may allow an attacker with elevated privileges to modify UEFI Secure Boot settings by modifying an NVRAM variable...

4CVSS7.9AI score0.00141EPSS
Exploits0References1
Cvelist
Cvelistadded 2022/11/28 1:0 p.m.12 views

CVE-2022-4020 Acer Aspire BIOS vulnerability

Vulnerability in the HQSwSmiDxe DXE driver on some consumer Acer Notebook devices may allow an attacker with elevated privileges to modify UEFI Secure Boot settings by modifying an NVRAM variable...

8.1CVSS8.3AI score0.00141EPSS
Exploits0References1
CVE
CVEadded 2022/11/28 1:0 p.m.68 views

CVE-2022-4020

CVE-2022-4020 affects Acer notebooks via the HQSwSmiDxe DXE driver. The vulnerability lets a user with elevated privileges modify an NVRAM variable to change UEFI Secure Boot settings, potentially disabling Secure Boot and enabling unsigned code execution at boot. Reported affected models include...

8.2CVSS8AI score0.00141EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologiesadded 2022/11/28 12:0 a.m.2 views

PT-2022-25278 · Acer · Acer Notebook

Name of the Vulnerable Software and Affected Versions: Acer Notebook devices affected versions not specified Description: The issue concerns a vulnerability in the HQSwSmiDxe DXE driver that may allow an attacker with elevated privileges to modify UEFI Secure Boot settings by changing an NVRAM...

8.2CVSS7.9AI score0.00141EPSS
Exploits0References8
Positive Technologies
Positive Technologiesadded 2022/11/10 12:0 a.m.4 views

PT-2022-22120 · Lenovo · Lenovo Notebook

Name of the Vulnerable Software and Affected Versions: Lenovo Notebook devices affected versions not specified Description: A potential issue in a driver used during the manufacturing process on some consumer Lenovo Notebook devices may allow an attacker with elevated privileges to modify secure...

7.8CVSS7.4AI score0.00035EPSS
Exploits0References6
Lenovo
Lenovoadded 2022/11/07 7:40 p.m.2 views

Lenovo Notebook BIOS Vulnerabilities - Lenovo Support US

No description provided...

7.3AI score
Exploits0
Lenovo
Lenovoadded 2022/10/31 4:1 p.m.4 views

Lenovo Notebook BIOS Vulnerabilities - Lenovo Support US

No description provided...

7.3AI score
Exploits0
Rows per page
Query Builder