Lucene search
K

64 matches found

Vulnrichment
Vulnrichment
added 2024/09/13 5:26 p.m.10 views

CVE-2024-4550

A potential buffer overflow vulnerability was reported in some Lenovo ThinkSystem and ThinkStation products that could allow a local attacker with elevated privileges to execute arbitrary code...

6.7CVSS7.7AI score0.00207EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/09/13 12:0 a.m.4 views

Lenovo ThinkSystem和Lenovo ThinkStation 安全漏洞

Lenovo ThinkSystem and Lenovo ThinkStation Lenovo Desktop Workstation are both products of Lenovo, a Chinese company.Lenovo ThinkSystem is a ThinkSystem series server appliance.Lenovo ThinkStation is a desktop workstation. A security vulnerability exists in Lenovo ThinkSystem and Lenovo...

6.7CVSS7.4AI score0.00207EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/09/13 12:0 a.m.6 views

PT-2024-31435 · Lenovo · Lenovo Thinksystem Servers

Name of the Vulnerable Software and Affected Versions: Lenovo ThinkSystem servers affected versions not specified Description: An internal product security audit discovered a UEFI SMM System Management Mode callout issue in certain ThinkSystem servers. This could allow a local attacker with...

6.7CVSS7.5AI score0.00168EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/09/13 12:0 a.m.5 views

Lenovo ThinkSystem 安全漏洞

Lenovo ThinkSystem is a ThinkSystem series server appliance from Lenovo, a Chinese company. A security vulnerability exists in the Lenovo ThinkSystem that stems from a UEFI system management mode vulnerability contained in the ThinkSystem that could allow a local attacker with elevated privileges...

6.7CVSS7AI score0.00168EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/09/13 12:0 a.m.5 views

PT-2024-31665 · Lenovo · Lenovo Thinksystem +1

Name of the Vulnerable Software and Affected Versions: Lenovo ThinkSystem and ThinkStation products affected versions not specified Description: A potential buffer overflow issue was reported in some Lenovo ThinkSystem and ThinkStation products. This could allow a local attacker with elevated...

6.7CVSS7.8AI score0.00207EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/08/26 11:15 a.m.15 views

CVE-2024-43889

In the Linux kernel, the following vulnerability has been resolved: padata: Fix possible divide-by-0 panic in padatamthelper We are hit with a not easily reproducible divide-by-0 panic in padata.c at bootup time. 10.017908 Oops: divide error: 0000 1 PREEMPT SMP NOPTI 10.017908 CPU: 26 PID: 2627...

5.5CVSS6.4AI score0.00237EPSS
Exploits0References18
Vulnrichment
Vulnrichment
added 2024/08/26 10:10 a.m.29 views

CVE-2024-43889 padata: Fix possible divide-by-0 panic in padata_mt_helper()

In the Linux kernel, the following vulnerability has been resolved: padata: Fix possible divide-by-0 panic in padatamthelper We are hit with a not easily reproducible divide-by-0 panic in padata.c at bootup time. 10.017908 Oops: divide error: 0000 1 PREEMPT SMP NOPTI 10.017908 CPU: 26 PID: 2627...

7AI score0.00237EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2024/08/26 10:10 a.m.15 views

CVE-2024-43889

In the Linux kernel, the following vulnerability has been resolved: padata: Fix possible divide-by-0 panic in padatamthelper We are hit with a not easily reproducible divide-by-0 panic in padata.c at bootup time. 10.017908 Oops: divide error: 0000 1 PREEMPT SMP NOPTI 10.017908 CPU: 26 PID: 2627...

5.5CVSS5.7AI score0.00237EPSS
Exploits0
NVD
NVD
added 2024/08/22 2:15 a.m.34 views

CVE-2022-48916

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix double listadd when enabling VMD in scalable mode When enabling VMD and IOMMU scalable mode, the following kernel panic call trace/kernel log is shown in Eagle Stream platform Sapphire Rapids CPU during booting: p...

5.5CVSS0.0021EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/08/22 1:32 a.m.17 views

CVE-2022-48916 iommu/vt-d: Fix double list_add when enabling VMD in scalable mode

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix double listadd when enabling VMD in scalable mode When enabling VMD and IOMMU scalable mode, the following kernel panic call trace/kernel log is shown in Eagle Stream platform Sapphire Rapids CPU during booting: p...

6.8AI score0.0021EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/05/20 12:0 a.m.7 views

The vulnerabilities of the System Management Module (SMM/SMM2) and the Fan Power Controller (FPC) in the microprogramming software for Lenovo ThinkSystem, ThinkAgile, NeXtScale storage systems, as well as Lenovo CP-CB-10 laptops, allow attackers to execute arbitrary commands.

The vulnerability of the System Management Module SMM/SMM2 and the Fan Power Controller FPC in the microprogramming operating systems of Lenovo’s ThinkSystem, ThinkAgile, NeXtScale storage systems, and Lenovo CP-CB-10 laptops exists due to the failure to take measures to neutralize the special...

9CVSS5.9AI score0.01131EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/05/20 12:0 a.m.7 views

The vulnerabilities of the System Management Module (SMM/SMM2) and the Fan Power Controller (FPC) in the microprogramming software of Lenovo’s storage systems such as ThinkSystem, ThinkAgile, NeXtScale, as well as Lenovo CP-CB-10 laptops, allow attackers to gain unauthorized access to protected information.

The vulnerability of the System Management Module SMM/SMM2 and the Fan Power Controller FPC in the microprogramming software of Lenovo’s storage systems such as ThinkSystem, ThinkAgile, NeXtScale, as well as Lenovo CP-CB-10 laptops, is related to the absence of authentication for critical...

7.8CVSS5.6AI score0.0053EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/05/20 12:0 a.m.6 views

The vulnerabilities of the System Management Module (SMM/SMM2) and the Fan Power Controller (FPC) in the microprogramming software for Lenovo ThinkSystem, ThinkAgile, NeXtScale storage systems, as well as Lenovo CP-CB-10 laptops, allow attackers to execute arbitrary commands.

The vulnerability of the System Management Module SMM/SMM2 and the Fan Power Controller FPC in the microprogramming operating systems of Lenovo’s ThinkSystem, ThinkAgile, NeXtScale storage systems, and Lenovo CP-CB-10 laptops exists due to the failure to take measures to neutralize the special...

9CVSS5.9AI score0.01131EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/04/09 12:0 a.m.5 views

PT-2024-3582 · Lenovo · Thinkagile +3

Name of the Vulnerable Software and Affected Versions: Lenovo ThinkSystem, ThinkAgile, NeXtScale, and Lenovo CP-CB-10 affected versions not specified Description: The issue is related to an authentication bypass vulnerability in the System Management Module SMM/SMM2 and Fan Power Controller FPC...

7.8CVSS7.4AI score0.0053EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/04/09 12:0 a.m.7 views

PT-2024-3581 · Lenovo · Thinkagile +3

Name of the Vulnerable Software and Affected Versions: Lenovo ThinkSystem, ThinkAgile, NeXtScale, and Lenovo CP-CB-10 affected versions not specified SMM/SMM2 and FPC affected versions not specified Description: A command injection issue was identified in the System Management Module SMM/SMM2 and...

9CVSS8.2AI score0.01131EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2024/02/26 12:0 a.m.6 views

The vulnerability of the Manageability Engine (ME) in Intel Server Platform Services (SPS) software for Lenovo ThinkSystem servers allows a malicious actor to alter the firmware configuration and trigger a service failure.

The vulnerability of the Manageability Engine ME in Intel Server Platform Services SPS of Lenovo ThinkSystem servers stems from the synchronization failure between BIOS/UEFI and ME states due to the use of non-replicable configurations. Exploiting this vulnerability can allow an attacker to alter...

2CVSS5.4AI score0.00162EPSS
Exploits0References2
OSV
OSV
added 2024/02/16 5:15 p.m.3 views

CVE-2024-23591

ThinkSystem SR670V2 servers manufactured from approximately June 2021 to July 2023 were left in Manufacturing Mode which could allow an attacker with privileged logical access to the host or physical access to server internals to modify or disable Intel Boot Guard firmware integrity, SPS security...

2.3CVSS5.8AI score0.00162EPSS
Exploits0References2
NVD
NVD
added 2024/02/16 5:15 p.m.31 views

CVE-2024-23591

ThinkSystem SR670V2 servers manufactured from approximately June 2021 to July 2023 were left in Manufacturing Mode which could allow an attacker with privileged logical access to the host or physical access to server internals to modify or disable Intel Boot Guard firmware integrity, SPS security...

2.3CVSS3.7AI score0.00162EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/02/16 4:17 p.m.17 views

CVE-2024-23591

ThinkSystem SR670V2 servers manufactured from approximately June 2021 to July 2023 were left in Manufacturing Mode which could allow an attacker with privileged logical access to the host or physical access to server internals to modify or disable Intel Boot Guard firmware integrity, SPS security...

2CVSS3.8AI score0.00162EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/16 4:17 p.m.33 views

CVE-2024-23591

ThinkSystem SR670V2 servers manufactured from approximately June 2021 to July 2023 were left in Manufacturing Mode which could allow an attacker with privileged logical access to the host or physical access to server internals to modify or disable Intel Boot Guard firmware integrity, SPS security...

2CVSS4.1AI score0.00162EPSS
Exploits0References1
Rows per page
Query Builder