1170 matches found
TianoCore EDK II BIOS Vulnerabilities - US
Lenovo Security Advisory: LEN-22660 Potential Impact: Denial of service, privilege escalation Severity: Medium Scope of Impact: Industry-wide Summary Description: Lenovo was notified of multiple buffer validation and parsing vulnerabilities in TianoCore EDK II BIOS that could lead to denial of...
System Update Vulnerability - US
Lenovo Security Advisory: LEN-27348 Potential Impact: Denial of service Severity: Medium Scope of Impact: Lenovo-specific CVE Identifier: CVE-2019-6163 Summary Description: A denial of service vulnerability was reported in Lenovo System Update that could allow service log files to be written to...
Lenovo System Interface Foundation Privilege Escalation - us
Lenovo Security Advisory: LEN-10150 Potential Impact: Local privilege escalation Severity: High Scope of Impact: Lenovo specific CVE Identifier: CVE-2016-8223 Summary Description: During an internal security review, Lenovo identified a local privilege escalation vulnerability in Lenovo System...
BIOS EFI Driver SMM Code Execution Vulnerability - my
Lenovo Security Advisory: LEN-4901 Potential Impact: Execution of code in SMM by an attacker with local administrative access Severity: Medium Scope of Impact: Lenovo specific Summary Description: System Management Mode SMM is the most privileged execution mode of the x86 processor. A vulnerabili...
Local Root Exploit on Lenovo VIBE Mobile Phones - us
Lenovo Security Advisory: LEN-15823 Potential Impact: Elevation of Privilege Severity: Medium Scope of Impact: Lenovo specific CVE Identifier: CVE-2017-3748, CVE-2017-3749, CVE-2017-3750 Summary Description: Vulnerabilities have been identified on Lenovo VIBE Mobile Phones that allow the user or ...
Information about LenovoEMC devices may be disclosed if the device has an Internet-accessible management interface
Lenovo Security Advisory: LEN-3846 Potential Impact: Disclosure of information about device Severity:Low Summary: An unauthenticated user may be able to view device information about the LenovoEMC device if the management interface accessible over the internet. Even with this vunerability, no dat...
Intel Graphics Driver for Windows Vulnerabilities - US
Lenovo Security Advisory: LEN-26295 Potential Impact: Denial of service Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2019-0113, CVE-2019-0114, CVE-2019-0115, CVE-2019-0116 Summary Description: Potential security vulnerabilities in Intel® Graphics Driver for Windows may allo...
NVIDIA GPU Display Driver - September 2020 Security Bulletin - Lenovo Support US
Lenovo Security Advisory: LEN-47663 Potential Impact: Denial of service, code execution, privilege escalation, information disclosure Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2020-5979 , CVE-2020-5980, CVE-2020-5981, CVE-2020-5981 , CVE-2020-5982, CVE-2020-5983,...
GNU Bourne-Again Shell (Bash) 'Shellshock'
Lenovo Security Advisory: LEN-2014-003 Potential Impact: Execution of arbitrary code Severity: High Summary: GNU Bash is the common command-line shell used in many Linux/UNIX systems. The vulnerability is also referred to as “Shellshock. ” Exploitation of this vulnerability may allow a remote...
SHAREit for Windows and Android Vulnerabilities
Lenovo Security Advisory: LEN-4058 Potential Impact: Remote browsing of file system, and unauthorized access of files on Windows and Android denial of service attack that could crash the Windows SHAREit client Severity: High Lenovo SHAREit Application: End of Lenovo Support Summary: Vulnerabiliti...
NVIDIA GeForce Experience - May 2019 - Lenovo Support US
Lenovo Security Advisory: LEN-27815 Potential Impact: Privilege escalation, information disclosure, denial of service Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2019-5676, CVE-2019-5678 Summary Description: NVIDIA has released a software update to address potential security...
Intel PROSet/Wireless WiFi Software Vulnerabilities - Lenovo Support US
Lenovo Security Advisory: LEN-29761 Potential Impact: Escalation of Privilege, Denial of Service, Information Disclosure Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2019-11151, CVE-2019-11152, CVE-2019-11153, CVE-2019-11154, CVE-2019-11155, CVE-2019-11156 Summary...
AMD Radeon DirectX 11 Driver Vulnerabilities - Lenovo Support US
Lenovo Security Advisory: LEN-42153 Potential Impact: Code execution Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2020-6100, CVE-2020-6101, CVE-2020-6102, CVE-2020-6103 Summary Description: AMD reported potential vulnerabilities in a specific virtual machine VM configuration...
Intel Graphics Vulnerabilities - Lenovo Support US
Lenovo Security Advisory: LEN-28235 Potential Impact: Escalation of Privilege, Denial of Service, Information Disclosure Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2019-0154, CVE-2019-0155, , CVE-2019-11089, CVE-2019-11111, CVE-2019-11112, CVE-2019-11113, CVE-2019-14574,...
ASPEED AST-series BMC Vulnerability - US
Lenovo Security Advisory: LEN-26252 Potential Impact: Privilege escalation Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2019-6260 Summary Description: An industry-wide vulnerability affecting ASPEED AST-series Baseboard Management Controllers BMCs used in certain servers and...
Intel Integrated Performance Primitives (IPP) Information Disclosure - US
Lenovo Security Advisory: LEN-25662 Potential Impact: Information disclosure Severity: Moderate Scope of Impact: Industry-wide CVE Identifier: CVE-2018-12155 Summary Description: Intel has notified Lenovo of a potential security vulnerability in Intel IPP may allow data leakage in cryptographic...
ST Microelectronics TPM Firmware ECDSA Signature Generation Vulnerability - Lenovo Support US
No description provided...
Intel Graphics Driver for Windows - Lenovo Support US
Lenovo Security Advisory: LEN-30555 Potential Impact: Escalation of privilege, denial of service and/or information disclosure Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2020-0501, CVE-2020-0502, CVE-2020-0503, CVE-2020-0504, CVE-2020-0505, CVE-2020-0506, CVE-2020-0507,...
Intel USB 3.0 eXtensible Host Controller Driver Vulnerability - Lenovo Support US
Lenovo Security Advisory: LEN-26562 Potential Impact: Privilege escalation Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2018-3700 Summary Description: A potential security vulnerability in the Intel USB 3.0 eXtensible Host Controller Driver may allow escalation of privilege...
Lenovo StorSelect DX8200C glibc, Linux Kernel and Cloudian Management Console Vulnerabilities - us
Lenovo Security Advisory: LEN-17538 Potential Impact: Arbitrary Code Execution Severity: High Scope of Impact: Industry-Wide CVE Identifier: CVE-2017-1000364, CVE-2017-1000366 Summary: Several vulnerabilities have been identified on the Lenovo StorSelect DX8200C MT 5120 running versions of Cloudi...
Dolby Audio X2 (DAX2) privilege escalation
A vulnerability has been identified with the file permissions for the Dolby DAX2 application programming interface API that could allow a local user to run files with system level privileges. Mitigation Strategy for Customers what you should do to protect yourself: Lenovo is currently working wit...
LEN-2015-011: Lenovo System Update Privilege Escalation
Lenovo Security Advisory: LEN-2015-011 Potential Impact: Execution of arbitrary code Severity: Medium Summary: Several vulnerabilities have been identified within Lenovo System Update previously known as ThinkVantage System Update. Lenovo has released a new version of the Lenovo System Update...
Multiple ThinkServer System Manager (TSM) *50-series Security Weaknesses
Lenovo Security Advisory: LEN-2015-024 Potential Impact: Unauthorized Access; Escalation of Privilege; Denial of Service; Man-in-the-Middle MitM Attack Severity: High Summary: Multiple security weaknesses were discovered in the ThinkServer System Manager TSM Baseboard Management Controller for th...
Iomega and LenovoEMC NAS Vulnerability - US
Lenovo Security Advisory: LEN-25557 Potential Impact: Information disclosure Severity: High Scope of Impact: Lenovo-specific CVE Identifier: CVE-2019-6160, CVE-2019-6178 Summary Description: Update 2019-08-15: CVE-2019-6178: An information leakage vulnerability in Iomega and LenovoEMC NAS product...
Rowhammer DDR4 Vulnerability - Lenovo Support US
No description provided...
Lenovo Android Tablet and Lenovo VIBE, Moto, and ZUK Mobile Phone Remote Code Execution Vulnerability - us
Lenovo Security Advisory: LEN-15374 Potential Impact: Remote code execution Severity: High Scope of Impact: All Lenovo Android tablets and the following mobile phones: all Lenovo VIBE and ZUK devices, and the Moto M XT1663 and Moto E3 XT1706 distributed by Lenovo. CVE Identifier: CVE-2017-3758,...
UEFI EDK2 Capsule Update Vulnerabilities
Lenovo Security Advisory: LEN-2014-001 Potential Impact: Execution of arbitrary code Severity: Medium Summary: The EDK2 UEFI reference implementation contains multiple vulnerabilities in the Capsule Update mechanism. Description: The open source EDK2 project provides a reference implementation of...
Multi-vendor BIOS Security Vulnerabilities (November 2020) - Lenovo Support US
No description provided...
NVIDIA Windows GPU Display Driver Vulnerabilities - February 2020 - Lenovo Support US
Lenovo Security Advisory: LEN-30458 Potential Impact: Denial of service, escalation of privileges, code execution, or information disclosure. Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2020-5957, CVE-2020-5958, CVE-2020-5959, CVE-2020-5960, CVE-2020-5961 Summary Description...
Multi-Vendor Desktop & WorkStation BIOS Security Vulnerabilities - Lenovo Support US
Lenovo Security Advisory: LEN-28078 Potential Impact: Escalation of Privilege, Denial of Service, Information Disclosure Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2019-6190 Summary Description: When possible, Lenovo consolidates multiple BIOS security fixes and enhancement...
Intel Chipset Device Software Vulnerability - Lenovo Support US
Lenovo Security Advisory: LEN-27840 Potential Impact: Privilege escalation Severity: Low Scope of Impact: Industry-wide CVE Identifier: CVE-2019-0128 Summary Description: A potential security vulnerability in the Intel Chipset Device Software INF Update Utility may allow escalation of privilege...
Memory corruption due to an unsanitized pointer in the NVIDIA display driver
Lenovo Security Advisory: LEN-3313 Potential Impact: Escalation of privileges Severity: Medium Summary: A vulnerability has been found in the NVIDIA driver that could be used to allow a local, non-privileged user to corrupt kernel memory. This could be used to gain local root privileges...
NVIDIA GPU Display Driver - April 2021 Security Bulletin - Lenovo Support US
No description provided...
Privilege escalation vulnerabilities in IBM System Networking Switch Center and Lenovo Switch Center
Lenovo Security Advisory:LEN-2015-074, LEN-2746 Potential Impact: Escalation of Privileges Severity: High Summary: Multiple vulnerabilities have been identified in the following products: - IBM System Networking Switch Center - Lenovo Switch Center Description: Lenovo Switch Center, previously...
Partial Physical Address Leakage Vulnerability - US
Lenovo Security Advisory: LEN-27842 Potential Impact: Information disclosure Severity: Low Scope of Impact: Industry-wide CVE Identifier: CVE-2019-0174 Summary Description: A potential security vulnerability in some microprocessors may allow partial information disclosure via local access. This...
Intel PROSet Wireless WiFi Software Advisory - Lenovo Support US
Lenovo Security Advisory: LEN-30550 Potential Impact: Denial of service, escalation of privilege Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2020-0557, CVE-2020-0558 Summary Description: Intel reported potential security vulnerabilities in Intel PROSet/Wireless WiFi Softwa...
Encryption Key Negotiation of Bluetooth Vulnerability - Lenovo Support US
Lenovo Security Advisory: LEN-27173 Potential Impact: Information disclosure, privilege escalation Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2019-9506, CVE-2020-10135 Summary Description: Update 2020-06-23: As reported by the Bluetooth SIG, Researchers at the École...
XClarity Administrator (LXCA) Service Data May Include Proxy Credentials - US
Lenovo Security Advisory: LEN-26141 Potential Impact: Information disclosure Severity: High Scope of Impact: Lenovo-specific CVE Identifier: CVE-2019-6158 Summary Description: An internal product security audit of Lenovo XClarity Administrator LXCA discovered HTTP proxy credentials being written ...
Lenovo Nerve Center for Desktops Privilege Escalation - us
Lenovo Security Advisory: LEN-15046 Potential Impact: Privilege escalation Severity: High Scope of Impact: Lenovo Specific CVE Identifier: CVE-2017-3747 Summary Description: During an internal security review, a vulnerability was discovered in Lenovo Nerve Center for Windows 10 on Desktop systems...
NVIDIA Windows GPU Driver Privilege Escalation or Denial of Service - us
Lenovo Security Advisory: LEN-12057 Potential Impact: Denial of service and escalation of privileges Severity: High Scope of Impact: Industry-Wide CVE Identifier: CVE-2016-8821, CVE-2016-8822, CVE-2016-8823, CVE-2016-8824, CVE-2016-8825, CVE-2016-8826, CVE-2016-3161, CVE-2016-5852, CVE-2016-4960,...
Intel SGX and Processor Side Channel Data Leakage Vulnerabilities - Lenovo Support US
Lenovo Security Advisory: LEN-30553 Potential Impact: Information disclosure, escalation of privilege Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2020-0551, CVE-2020-0561 Summary Description: Intel reported potential security vulnerabilities in some Intel Processors that m...
Lenovo Vantage Vulnerabilities - Lenovo Support US
Lenovo Security Advisory: LEN-30401 Potential Impact: Escalation of Privilege, Improper Verification of Cryptographic Signature, Severity: High Scope of Impact: Lenovo-specific CVE Identifier: CVE-2020-8316, CVE-2020-8318, CVE-2020-8319, CVE-2020-8324, CVE-2020-8327 Summary Description: The...
NVIDIA Windows GPU Display Driver Vulnerabilities - Lenovo Support US
Lenovo Security Advisory: LEN-28096 Potential Impact: Code execution, denial of service, privilege escalation, information disclosure Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2019-5683, CVE-2019-5684, CVE-2019-5685, CVE-2019-5686, CVE-2019-5687 Summary Description: NVIDIA...
SPI Protected Range Registers Affected by S3 Sleep Mode - US
Lenovo Security Advisory: LEN-26332 Potential Impact: None Severity: Low Scope of Impact: Lenovo-specific CVE Identifier: CVE-2019-6156 Summary Description: In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additiona...
Intel DCI Policy Update - US
Lenovo Security Advisory: LEN-23611 Potential Impact: Privilege escalation, information disclosure Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2018-3652 Summary Description: Intel is releasing Direct Connect Interface DCI policy update. Existing UEFI setting restrictions for...
Brocade Fabric OS Advisory - US
Lenovo Security Advisory: LEN-24765 Potential Impact: Privilege escalation, information disclosure, denial of service Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2018-6433, CVE-2018-6434, CVE-2018-6435, CVE-2018-6436, CVE-2018-6437, CVE-2018-6438, CVE-2018-6439, CVE-2018-644...
NetApp Clustered Data ONTAP Vulnerabilities - Lenovo Support US
No description provided...
Intel SSD DC S4500/S4600 Series Vulnerability - US
Lenovo Security Advisory: LEN-28116 Potential Impact: Privilege escalation Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2018-18095 Summary Description: Intel has reported a potential security vulnerability in Intel Solid State Drives SSD for Data Centers DC S4500/S4600 Seri...
Venom
Lenovo Security Advisory: LEN-2015-046 Potential Impact: Escalation of Privileges Severity: High Summary: A buffer overflow vulnerability affecting the Floppy Disk Controller FDC emulation implemented in the QEMU component has been identified in the KVM/QEMU and Xen hypervisors. This vulnerabilit...
Intel Graphics Driver for Windows - Lenovo Support US
Lenovo Security Advisory: LEN-36229 Potential Impact: Escalation of privilege, Denial of service Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2020-0510, CVE-2020-0512, CVE-2020-0513, CVE-2020-8679, CVE-2020-8680, CVE-2020-8681, CVE-2020-8682, CVE-2020-8683 Summary Description...