Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

RedhatCVE
RedhatCVEadded 2026/01/09 9:26 a.m.4 views

CVE-2023-4608

An authenticated XCC user with elevated privileges can perform blind SQL injection in limited cases through a crafted API command. This affects ThinkSystem v2 and v3 servers with XCC; ThinkSystem v1 servers are not affected...

7.2CVSS7.8AI score0.00095EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2024-41310

Malicious code in bioql PyPI...

6.7CVSS6.6AI score0.0008EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2023-54459

Malicious code in bioql PyPI...

8.1CVSS8AI score0.00117EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 10:33 a.m.5 views

CVE-2024-45105

An internal product security audit discovered a UEFI SMM System Management Mode callout vulnerability in some ThinkSystem servers that could allow a local attacker with elevated privileges to execute arbitrary code...

6.7CVSS7.4AI score0.0008EPSS
Exploits0
RedhatCVE
RedhatCVEadded 2025/05/23 4:45 a.m.6 views

CVE-2023-4606

An authenticated XCC user with Read-Only permission can change a different user’s password through a crafted API command. This affects ThinkSystem v2 and v3 servers with XCC; ThinkSystem v1 servers are not affected...

8.1CVSS6.9AI score0.00117EPSS
Exploits0References1
NVD
NVDadded 2024/09/13 6:15 p.m.10 views

CVE-2024-45105

An internal product security audit discovered a UEFI SMM System Management Mode callout vulnerability in some ThinkSystem servers that could allow a local attacker with elevated privileges to execute arbitrary code...

6.7CVSS0.0008EPSS
Exploits0References1
CVE
CVEadded 2024/09/13 5:29 p.m.46 views

CVE-2024-45105

Summary: CVE-2024-45105 describes a UEFI SMM callout vulnerability affecting Lenovo ThinkSystem servers. The issue could allow a local attacker with elevated privileges to execute arbitrary code via a SMM callout. The CVSS vectors indicate local access, low attack complexity, but required high pr...

6.7CVSS6.9AI score0.0008EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2024/09/13 5:29 p.m.10 views

CVE-2024-45105

An internal product security audit discovered a UEFI SMM System Management Mode callout vulnerability in some ThinkSystem servers that could allow a local attacker with elevated privileges to execute arbitrary code...

6.7CVSS7.4AI score0.0008EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2024/09/13 12:0 a.m.3 views

PT-2024-31435 · Lenovo · Lenovo Thinksystem Servers

Name of the Vulnerable Software and Affected Versions: Lenovo ThinkSystem servers affected versions not specified Description: An internal product security audit discovered a UEFI SMM System Management Mode callout issue in certain ThinkSystem servers. This could allow a local attacker with...

6.7CVSS7.5AI score0.0008EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2023/10/24 12:0 a.m.1 views

PT-2023-29817 · Lenovo · Thinksystem

Name of the Vulnerable Software and Affected Versions: ThinkSystem versions v2 and v3 Description: An authenticated XCC user with Read-Only permission can change a different user’s password through a crafted API command. This issue affects ThinkSystem servers with XCC. Recommendations: For...

8.1CVSS7.9AI score0.00117EPSS
Exploits0References3
Rows per page
Query Builder