Export limit exceeded: 341342 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (54 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-14058 | 1 Lenovo | 31 Idea Tab Pro Tb373fu, Idea Tab Tb336fu, Legion Tab Tb320fc and 28 more | 2026-01-16 | 3.2 Low |
| A potential missing authentication vulnerability was reported in some Lenovo Tablets that could allow an unauthorized user with physical access to modify Control Center settings if the device is locked when the "Allow Control Center access when locked" option is disabled. | ||||
| CVE-2021-3453 | 1 Lenovo | 42 730s-13iml, 730s-13iml Firmware, Ideacentre Aio 5-24imb05 and 39 more | 2025-12-16 | 6.8 Medium |
| Some Lenovo Notebook, ThinkPad, and Lenovo Desktop systems have BIOS modules unprotected by Intel Boot Guard that could allow an attacker with physical access the ability to write to the SPI flash storage. | ||||
| CVE-2025-11193 | 1 Lenovo | 2 Tablet, Yoga | 2025-11-10 | 5.5 Medium |
| A potential vulnerability was reported in some Lenovo Tablets that could allow a local authenticated user or application to gain access to sensitive device specific information. | ||||
| CVE-2017-3754 | 1 Lenovo | 20 710s-13ikb\/xiaoxin Air 13ikb, 710s-13isk\/xiaoxin Air 13, Bios and 17 more | 2025-04-20 | N/A |
| Some Lenovo brand notebook systems do not have write protections properly configured in the system BIOS. This could enable an attacker with physical or administrative access to a system to be able to flash the BIOS with an arbitrary image and potentially run malicious BIOS code. | ||||
| CVE-2022-1891 | 1 Lenovo | 12 Thinkbook 14-iil, Thinkbook 14-iil Firmware, Thinkbook 14-iml and 9 more | 2025-04-03 | 6.7 Medium |
| A buffer overflow in the SystemLoadDefaultDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code. | ||||
| CVE-2022-3430 | 1 Lenovo | 88 D330-10igl, D330-10igl Firmware, Ideapad 5 Pro 16arh7 and 85 more | 2025-04-02 | 6.7 Medium |
| A potential vulnerability in the WMI Setup driver on some consumer Lenovo Notebook devices may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable. | ||||
| CVE-2022-1892 | 1 Lenovo | 140 100e 2nd Gen, 100e 2nd Gen Firmware, 100w Gen 3 and 137 more | 2025-04-02 | 6.7 Medium |
| A buffer overflow in the SystemBootManagerDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code. | ||||
| CVE-2022-1890 | 1 Lenovo | 12 Thinkbook 14-iil, Thinkbook 14-iil Firmware, Thinkbook 14-iml and 9 more | 2025-04-01 | 6.7 Medium |
| A buffer overflow in the ReadyBootDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code. | ||||
| CVE-2022-40134 | 1 Lenovo | 650 Ideacentre 3-07ada05, Ideacentre 3-07ada05 Firmware, Ideacentre 3-07imb05 and 647 more | 2025-03-27 | 4.4 Medium |
| An information leak vulnerability in the SMI Set BIOS Password SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory. | ||||
| CVE-2022-40135 | 1 Lenovo | 269 Ideacentre 3-07ada05, Ideacentre 3-07ada05 Firmware, Ideacentre 3-07imb05 and 266 more | 2025-03-27 | 4.4 Medium |
| An information leak vulnerability in the Smart USB Protection SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory. | ||||
| CVE-2022-40136 | 1 Lenovo | 291 Ideacentre 3-07ada05, Ideacentre 3-07ada05 Firmware, Ideacentre 3-07imb05 and 288 more | 2025-03-27 | 4.4 Medium |
| An information leak vulnerability in SMI Handler used to configure platform settings over WMI in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory. | ||||
| CVE-2022-40137 | 1 Lenovo | 571 Ideacentre 3-07ada05, Ideacentre 3-07ada05 Firmware, Ideacentre 3-07imb05 and 568 more | 2025-03-27 | 6.7 Medium |
| A buffer overflow in the WMI SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to execute arbitrary code. | ||||
| CVE-2023-4028 | 1 Lenovo | 61 13w Yoga, 13w Yoga Firmware, 13w Yoga Gen 2 and 58 more | 2024-11-21 | 6.7 Medium |
| A buffer overflow has been identified in the SystemUserMasterHddPwdDxe driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code. | ||||
| CVE-2023-43581 | 1 Lenovo | 222 Ideacentre 3-07ada05, Ideacentre 3-07ada05 Firmware, Ideacentre 3-07imb05 and 219 more | 2024-11-21 | 6.7 Medium |
| A buffer overflow was reported in the Update_WMI module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. | ||||
| CVE-2023-43580 | 1 Lenovo | 222 Ideacentre 3-07ada05, Ideacentre 3-07ada05 Firmware, Ideacentre 3-07imb05 and 219 more | 2024-11-21 | 6.7 Medium |
| A buffer overflow was reported in the SmuV11DxeVMR module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. | ||||
| CVE-2023-43579 | 1 Lenovo | 222 Ideacentre 3-07ada05, Ideacentre 3-07ada05 Firmware, Ideacentre 3-07imb05 and 219 more | 2024-11-21 | 6.7 Medium |
| A buffer overflow was reported in the SmuV11Dxe driver in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. | ||||
| CVE-2023-43578 | 1 Lenovo | 222 Ideacentre 3-07ada05, Ideacentre 3-07ada05 Firmware, Ideacentre 3-07imb05 and 219 more | 2024-11-21 | 6.7 Medium |
| A buffer overflow was reported in the SmiFlash module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. | ||||
| CVE-2023-43577 | 1 Lenovo | 222 Ideacentre 3-07ada05, Ideacentre 3-07ada05 Firmware, Ideacentre 3-07imb05 and 219 more | 2024-11-21 | 6.7 Medium |
| A buffer overflow was reported in the ReFlash module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. | ||||
| CVE-2023-43576 | 1 Lenovo | 222 Ideacentre 3-07ada05, Ideacentre 3-07ada05 Firmware, Ideacentre 3-07imb05 and 219 more | 2024-11-21 | 6.7 Medium |
| A buffer overflow was reported in the WMISwSmi module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. | ||||
| CVE-2023-43575 | 1 Lenovo | 222 Ideacentre 3-07ada05, Ideacentre 3-07ada05 Firmware, Ideacentre 3-07imb05 and 219 more | 2024-11-21 | 6.7 Medium |
| A buffer overflow was reported in the UltraFunctionTable module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. | ||||