Filtered by vendor Lenovo
Subscriptions
Filtered by product Thinkpad P14s Gen 2 Firmware
Subscriptions
Total
8 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-4574 | 1 Lenovo | 108 Thinkpad L14, Thinkpad L14 Firmware, Thinkpad L14 Gen 2 and 105 more | 2023-11-08 | 6.7 Medium |
An SMI handler input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute arbitrary code. | ||||
CVE-2022-48189 | 1 Lenovo | 170 Thinkpad E14, Thinkpad E14 Firmware, Thinkpad E14 Gen 2 and 167 more | 2023-11-03 | 6.7 Medium |
An SMM driver input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute arbitrary code. | ||||
CVE-2023-4030 | 1 Lenovo | 8 Thinkpad P14s Gen 2, Thinkpad P14s Gen 2 Firmware, Thinkpad P15s Gen 2 and 5 more | 2023-08-24 | 7.8 High |
A vulnerability was reported in BIOS for ThinkPad P14s Gen 2, P15s Gen 2, T14 Gen 2, and T15 Gen 2 that could cause the system to recover to insecure settings if the BIOS becomes corrupt. | ||||
CVE-2023-4029 | 1 Lenovo | 52 K14 Type 21cu, K14 Type 21cu Firmware, K14 Type 21cv and 49 more | 2023-08-24 | 6.7 Medium |
A buffer overflow has been identified in the BoardUpdateAcpiDxe driver in some Lenovo ThinkPad products which may allow an attacker with local access and elevated privileges to execute arbitrary code. | ||||
CVE-2023-2290 | 1 Lenovo | 170 Thinkpad E14, Thinkpad E14 Firmware, Thinkpad E14 Gen 2 and 167 more | 2023-07-05 | 6.7 Medium |
A potential vulnerability in the LenovoFlashDeviceInterface SMI handler may allow an attacker with local access and elevated privileges to execute arbitrary code. | ||||
CVE-2022-40134 | 1 Lenovo | 650 Ideacentre 3-07ada05, Ideacentre 3-07ada05 Firmware, Ideacentre 3-07imb05 and 647 more | 2023-02-08 | 4.4 Medium |
An information leak vulnerability in the SMI Set BIOS Password SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory. | ||||
CVE-2021-3786 | 1 Lenovo | 266 Ideapad S940-14iwl, Ideapad S940-14iwl Firmware, Ideapad Yoga S940-14iwl and 263 more | 2021-11-26 | 5.5 Medium |
A potential vulnerability in the SMI callback function used in CSME configuration of some Lenovo Notebook and ThinkPad systems could be used to leak out data out of the SMRAM range. | ||||
CVE-2021-3599 | 1 Lenovo | 266 Ideapad S940-14iwl, Ideapad S940-14iwl Firmware, Ideapad Yoga S940-14iwl and 263 more | 2021-11-24 | 6.7 Medium |
A potential vulnerability in the SMI callback function used to access flash device in some ThinkPad models may allow an attacker with local access and elevated privileges to execute arbitrary code. |
Page 1 of 1.