cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-45105,https://securityvulnerability.io/vulnerability/CVE-2024-45105,Hidden Server Vulnerability Could Allow Local Attackers to Execute Arbitrary Code,An internal product security audit discovered a UEFI SMM (System Management Mode) callout vulnerability in some ThinkSystem servers that could allow a local attacker with elevated privileges to execute arbitrary code.,Lenovo,"Hx5530 Appliance (thinkagile) BiOS,Hx645 V3 Integrated System (thinkagile) BiOS,Hx665 V3 Certified Node (thinkagile) BiOS,St250 V3 (thinksystem) BiOS,Vx3331 Certified Node (thinkagile) BiOS,Hx1331 Certified Node (thinkagile) BiOS,Hx2330 Appliance (thinkagile) BiOS,Hx2331 Certified Node (thinkagile) BiOS,Hx3330 Appliance (thinkagile) BiOS,Hx3331 Certified Node (thinkagile) BiOS,Hx3331 Node SAP Hana (thinkagile) BiOS,Hx3375 Appliance (thinkagile) BiOS,Hx3376 Certified Node (thinkagile) BiOS,Hx5531 Certified Node (thinkagile) BiOS,Hx630 V3  Certified Node (thinkagile) BiOS,Hx630 V3 Integrated System (thinkagile) BiOS,Hx645 V3 Certified Node (thinkagile) BiOS,Hx650 V3 Certified Node (thinkagile) BiOS,Hx650 V3 Integrated System (thinkagile) BiOS,Hx665 V3 Integrated System (thinkagile) BiOS,Hx665 V3 Storage Certified Node (thinkagile) BiOS,Hx665 V3 Storage Integrated Node (thinkagile) BiOS,Hx7530 Appl For SAP Hana (thinkagile) BiOS,Hx7531 Certified Node (thinkagile) BiOS,Hx7531 Node SAP Hana (thinkagile) BiOS,Mx3330-f All-flash Appliance (thinkagile) BiOS,Mx3330-h Hybrid Appliance (thinkagile) BiOS,Mx3331-f All-flash Certified Node (thinkagile) BiOS,Mx3331-h Hybrid Certified Node (thinkagile) BiOS,Mx3530 F All Flash Appliance (thinkagile) BiOS,Mx3530-h Hybrid Appliance (thinkagile) BiOS,Mx3531 H Hybrid Certified Node (thinkagile) BiOS,Mx3531-f All-flash Certified Node (thinkagile) BiOS,Mx630 V3 Certified Node (thinkagile) BiOS,Mx630 V3 Integrated System (thinkagile) BiOS,Mx650 V3 Certified Node (thinkagile) BiOS,Mx650 V3 Integrated System (thinkagile) BiOS,Sd530 V3 (thinksystem) BiOS,Sd550 V3 (thinksystem) BiOS,Sd630 V2 (thinksystem) BiOS,Sd650 V2 (thinksystem) BiOS,Sd650 V3 (thinksystem) BiOS,Sd650-n V2 (thinksystem) BiOS,Sd665 V3 (thinksystem) BiOS,Se350 V2 (thinkedge) BiOS,Se360 V2 (thinkedge) BiOS,Se450 (thinkedge) BiOS,Se455 V3 (thinkedge) BiOS,Sn550 V2 (thinksystem) BiOS,Sr250 V2 (thinksystem) BiOS,Sr250 V3 (thinksystem) BiOS,Sr258 V2 (thinksystem) BiOS,Sr258 V3 (thinksystem) BiOS,Sr630 V2 (thinksystem) BiOS,Sr630 V3 (thinksystem) BiOS,Sr635 V3 (thinksystem) BiOS,Sr645 (thinksystem) BiOS,Sr645 V3 (thinksystem) BiOS,Sr650 V2 (thinksystem) BiOS,Sr650 V3 (thinksystem) BiOS,Sr655 V3 (thinksystem) BiOS,Sr665 (thinksystem) BiOS,Sr665 V3 (thinksystem) BiOS,Sr670 V2 (thinksystem) BiOS,Sr675 V3 (thinksystem) BiOS,Sr850 V2 (thinksystem) BiOS,Sr850 V3 (thinksystem) BiOS,Sr860 V2 (thinksystem) BiOS,Sr860 V3 (thinksystem) BiOS,Sr950 V3 (thinksystem) BiOS,St250 V2 (thinksystem) BiOS,St258 V2 (thinksystem) BiOS,St258 V3 (thinksystem) BiOS,St650 V2 (thinksystem) BiOS,St650 V3 (thinksystem) BiOS,St658 V2 (thinksystem) BiOS,St658 V3 (thinksystem) BiOS,Vx2330 Appliance (thinkagile) BiOS,Vx3330 Appliance (thinkagile) BiOS,Vx3530-g Appliance (thinkagile) BiOS,Vx5530 Appliance (thinkagile) BiOS,Vx630 V3 Certified Node (thinkagile) BiOS,Vx635 V3 Certified Node (thinkagile) BiOS,Vx635 V3 Integrated System (thinkagile) BiOS,Vx645 V3 Certified Node (thinkagile) BiOS,Vx645 V3 Integrated System (thinkagile) BiOS,Vx650 V3 Certified Node (thinkagile) BiOS,Vx650 V3 Dpu Certified Node (thinkagile) BiOS,Vx650 V3 Dpu Integrated System (thinkagile) BiOS,Vx650 V3 Dpu SAP Hana Certified Node (thinkagile) BiOS,Vx650 V3 Integrated System (thinkagile) BiOS,Vx650 V3 SAP Hana Certified Node (thinkagile) BiOS,Vx655 V3 Certified Node (thinkagile) BiOS,Vx655 V3 Integrated System (thinkagile) BiOS,Vx665 V3 Certified Node (thinkagile) BiOS,Vx665 V3 Integrated System (thinkagile) BiOS,Vx7330 Appliance (thinkagile) BiOS,Vx7530 Appliance (thinkagile) BiOS,Vx7531 Certified Node (thinkagile) BiOS",6.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-13T17:29:08.267Z,0
CVE-2024-7756,https://securityvulnerability.io/vulnerability/CVE-2024-7756,ThinkPad L390 Yoga Vulnerability Could Lead to Privilege Escalation,A potential vulnerability was reported in the ThinkPad L390 Yoga and 10w Notebook that could allow a local attacker to escalate privileges by accessing an embedded UEFI shell.,Lenovo,"10w (type 82st, 82su) Laptop (lenovo) BiOS,L390 (type 20nr, 20ns) Laptops (thinkpad) BiOS,L390 Yoga (type 20nt, 20nu) Laptops (thinkpad) BiOS",6.8,MEDIUM,0.0005300000193528831,false,,false,false,false,,,false,false,,2024-09-13T17:26:58.798Z,0
CVE-2024-4550,https://securityvulnerability.io/vulnerability/CVE-2024-4550,Potential Buffer Overflow Vulnerability Affects Lenovo Servers,A potential buffer overflow vulnerability was reported in some Lenovo ThinkSystem and ThinkStation products that could allow a local attacker with elevated privileges to execute arbitrary code.,Lenovo,"P360 Workstation (thinkstation) BiOS,St50 (thinksystem) BiOS,St50 V2 (thinksystem) BiOS,St58 (thinksystem) BiOS,St58 V2 (thinksystem) BiOS",6.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-13T17:26:46.819Z,0
CVE-2024-3100,https://securityvulnerability.io/vulnerability/CVE-2024-3100,Possible Buffer Overflow Vulnerability in Lenovo Notebooks,A potential buffer overflow vulnerability was reported in some Lenovo Notebook products that could allow a local attacker with elevated privileges to execute arbitrary code.,Lenovo,"100w Gen 3 Laptop (lenovo) BiOS,100w Gen 4 Laptop (lenovo) BiOS,13w Yoga (type 82s1, 82s2) Laptop (lenovo) BiOS,13w Yoga Gen 2 (type 82yr, 82ys) Laptop (lenovo) BiOS,14w Gen 2 Laptop (lenovo) BiOS,300w Gen 3 Laptop (lenovo) BiOS,300w Yoga Gen 4 Laptop (lenovo) BiOS,500w Yoga Gen 4 Laptop (lenovo) BiOS,Flex 5-14itl05 Laptop (ideapad) BiOS,Flex 5-15itl05 Laptop (ideapad) BiOS,Ideapad 1 14alc7 Laptop BiOS,Ideapad 1 15alc7 Laptop BiOS,Ideapad 1-11igl05 Laptop BiOS,Ideapad 1-14igl05 Laptop BiOS,Ideapad 3 14aba7 Laptop BiOS,Ideapad 3 15aba7 Laptop BiOS,Ideapad 3 17aba7 Laptop BiOS,Ideapad 3-14alc6 Laptop BiOS,Ideapad 3-15alc6 Laptop BiOS,Ideapad 3-17alc6 Laptop BiOS,Ideapad 5-15alc05 Laptop BiOS,Ideapad Flex 5 14abr8 BiOS,Ideapad Flex 5 14alc7 Laptop BiOS,Ideapad Flex 5 14iau7 Laptop BiOS,Ideapad Flex 5 14iru8 BiOS,Ideapad Flex 5 16abr8 BiOS,Ideapad Flex 5 16alc7 BiOS,Ideapad Flex 5 16iau7 BiOS,Ideapad Flex 5 16iru8 BiOS,Ideapad Slim 3 14abr8 BiOS,Ideapad Slim 3 14amn8 BiOS,Ideapad Slim 3 15abr8 BiOS,Ideapad Slim 3 15amn8 BiOS,Ideapad Slim 3 16abr8 BiOS,Ideapad Slim 5 Light 14abr8  BiOS,K14 G2 Iru BiOS,Lenovo Flex 7 14iau7 BiOS,Lenovo Flex 7 14iru8 BiOS,Lenovo V14 G3 Aba Laptop BiOS,Lenovo V14 G4 Abp BiOS,Lenovo V14 G4 Amn BiOS,Lenovo V15 G3 Aba Laptop BiOS,Lenovo V15 G4 Abp BiOS,Lenovo V15 G4 Amn BiOS,Thinkbook 13s G4 Arb BiOS,Thinkbook 13s G4 Iap BiOS,Thinkbook 13x G2 Iap Laptop BiOS,Thinkbook 14 G6 Abp BiOS,Thinkbook 14 G6 Irl BiOS,Thinkbook 16 G6 Abp BiOS,Thinkbook 16 G6 Irl BiOS,V14 G2-alc Laptop (lenovo) BiOS,V15 G2-alc Laptop (lenovo) BiOS,Yoga Slim 7 Pro-14ach5 Laptop (ideapad) BiOS,Yoga Slim 7 Pro-14ach5 O Laptop (ideapad) BiOS",6.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-13T17:26:33.357Z,0
CVE-2023-25493,https://securityvulnerability.io/vulnerability/CVE-2023-25493,Potential BIOS Update Tool Vulnerability Could Allow Local User Execution of Arbitrary Code,"A vulnerability has been identified in the BIOS update tool driver used in several Lenovo products, including Desktop models, Smart Edge, Smart Office, and ThinkStation lines. This vulnerability could provide a local user with elevated privileges the opportunity to execute arbitrary code, potentially compromising the system's integrity and security. It is crucial for users to stay informed and apply the necessary security updates to mitigate risks associated with this issue.",Lenovo,BiOS,6.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-05T21:15:00.000Z,0
CVE-2023-25494,https://securityvulnerability.io/vulnerability/CVE-2023-25494,Potential Vulnerability in BIOS of Desktop Products Could Allow Local Attack with Elevated Privileges,"A potential vulnerability exists within the BIOS of various Lenovo products, including Desktop, Smart Edge, and ThinkStation models. This issue may enable a local attacker with elevated privileges to write unauthorized changes to NVRAM variables, potentially compromising system configurations and security. Users of the affected products should remain vigilant and apply any available updates to mitigate risks associated with this vulnerability.",Lenovo,"Desktop BiOS, Smart Edge BiOS, Thinkstation BiOS",6.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-05T21:15:00.000Z,0
CVE-2023-5912,https://securityvulnerability.io/vulnerability/CVE-2023-5912,Possible Memory Leak Vulnerability Affects Lenovo Notebooks,"
A potential memory leakage vulnerability was reported in some Lenovo Notebook products that may allow a local attacker with elevated privileges to write to NVRAM variables. 

",Lenovo,Notebook BiOS,6.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-05T21:15:00.000Z,0
CVE-2023-43572,https://securityvulnerability.io/vulnerability/CVE-2023-43572,Buffer Over-Read Vulnerability in Lenovo Desktop Products,"A buffer over-read issue was identified in the BiosExtensionLoader module of certain Lenovo Desktop products. This vulnerability could be exploited by a local attacker with elevated privileges, leading to the potential disclosure of sensitive information. Users are advised to review their systems and apply available security updates to mitigate the risk.",Lenovo,Desktop BiOS,4.4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T23:15:00.000Z,0
CVE-2023-45078,https://securityvulnerability.io/vulnerability/CVE-2023-45078,Memory Leakage Vulnerability in DustFilterAlertSmm Driver by Lenovo,"A memory leakage vulnerability has been identified in the DustFilterAlertSmm SMM driver developed by Lenovo. This issue allows a local attacker with elevated privileges to exploit the vulnerability and write to NVRAM variables, which could lead to unauthorized access to sensitive information stored in memory. The potential for local privilege escalation makes this vulnerability a notable concern for system integrity and security.",Lenovo,BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T23:15:00.000Z,0
CVE-2023-43581,https://securityvulnerability.io/vulnerability/CVE-2023-43581,Buffer Overflow in Lenovo Desktop Products' Update_WMI Module,"A vulnerability has been identified in the Update_WMI module of certain Lenovo Desktop products. This buffer overflow issue may enable a local attacker with elevated privileges to execute arbitrary code, potentially compromising the security and functionality of the affected systems. Users are advised to apply updates and monitor their devices for any unusual activity to mitigate this risk.",Lenovo,Desktop BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T23:15:00.000Z,0
CVE-2023-45075,https://securityvulnerability.io/vulnerability/CVE-2023-45075,Memory Leakage Vulnerability in SWSMI_Shadow DXE Driver from Lenovo,"A memory leakage issue exists in the SWSMI_Shadow DXE driver, which may permit a local attacker with elevated privileges to manipulate NVRAM variables. This vulnerability could lead to potential unauthorized access to sensitive data, emphasizing the need for prompt evaluation and necessary security measures.",Lenovo,BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T23:15:00.000Z,0
CVE-2023-45077,https://securityvulnerability.io/vulnerability/CVE-2023-45077,Memory Leakage Vulnerability in Lenovo 534D0740 DXE Driver,"A vulnerability has been identified in the Lenovo 534D0740 DXE driver, characterized by memory leakage. This flaw could enable a local attacker with elevated privileges to gain unauthorized access to NVRAM variables. Exploiting this vulnerability may lead to potential manipulation of sensitive system settings and compromise system integrity.",Lenovo,BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T23:15:00.000Z,0
CVE-2023-43576,https://securityvulnerability.io/vulnerability/CVE-2023-43576,Buffer Overflow in WMISwSmi Module of Lenovo Desktop Products,"A buffer overflow vulnerability has been identified in the WMISwSmi module present in various Lenovo Desktop products. This flaw may allow a local attacker with elevated privileges to exploit the vulnerability and execute arbitrary code, potentially compromising system integrity and security. Users are advised to apply the latest security updates to mitigate this risk.",Lenovo,Desktop BIOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T23:15:00.000Z,0
CVE-2023-43578,https://securityvulnerability.io/vulnerability/CVE-2023-43578,Buffer Overflow Vulnerability in Lenovo Desktop Products,"A newly discovered buffer overflow vulnerability in the SmiFlash module of several Lenovo Desktop products could be exploited by a local attacker with elevated privileges. This flaw may enable such attackers to execute arbitrary code on the affected systems, thereby compromising system integrity and user security. Users are advised to review the product security updates and apply necessary patches to mitigate potential risks.",Lenovo,Desktop BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T23:15:00.000Z,0
CVE-2023-43579,https://securityvulnerability.io/vulnerability/CVE-2023-43579,Buffer Overflow Vulnerability in Lenovo Desktop Products,"A buffer overflow vulnerability exists in the SmuV11Dxe driver on certain Lenovo desktop products. This flaw potentially allows a local attacker with elevated privileges to execute arbitrary code, posing a significant security risk. Users are advised to apply recommended updates to protect their systems.",Lenovo,Desktop BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T23:15:00.000Z,0
CVE-2023-45076,https://securityvulnerability.io/vulnerability/CVE-2023-45076,Memory Leakage Vulnerability in Lenovo 534D0140 DXE Driver,"A memory leakage vulnerability has been identified in the Lenovo 534D0140 DXE driver, which could potentially allow a local attacker with elevated privileges to manipulate non-volatile RAM (NVRAM) variables. This vulnerability exposes critical system information, allowing attackers to execute unauthorized actions that might compromise system integrity and availability. It is crucial for users and administrators to apply the latest updates and patches to mitigate this risk.",Lenovo,BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T23:15:00.000Z,0
CVE-2023-43580,https://securityvulnerability.io/vulnerability/CVE-2023-43580,Buffer Overflow Vulnerability in Lenovo Desktop Products,"A critical buffer overflow vulnerability has been identified in the SmuV11DxeVMR module of certain Lenovo Desktop products. This vulnerability could potentially allow a local attacker with elevated privileges to execute arbitrary code, leading to unauthorized access or control over affected systems. It is essential for users of Lenovo Desktop products to apply necessary updates and patches to mitigate this risk.",Lenovo,Desktop BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T23:15:00.000Z,0
CVE-2023-45079,https://securityvulnerability.io/vulnerability/CVE-2023-45079,Memory Leakage Vulnerability in NvmramSmm Driver from Lenovo,"A memory leakage vulnerability has been identified in Lenovo's NvmramSmm SMM driver. This issue may allow a local attacker with elevated privileges to write to non-volatile RAM (NVRAM) variables, potentially compromising the integrity and security of critical data stored in the system. Users are advised to assess the security of their devices and to apply mitigations as they become available.",Lenovo,BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T23:15:00.000Z,0
CVE-2023-43577,https://securityvulnerability.io/vulnerability/CVE-2023-43577,Buffer Overflow Vulnerability in Lenovo Desktop Products,"A vulnerability exists in the ReFlash module of certain Lenovo Desktop products, allowing a local attacker with elevated privileges to execute arbitrary code. This issue creates potential risks where an attacker could gain unauthorized access to system-level operations, highlighting the importance of addressing security measures in firmware components.",Lenovo,Desktop BIOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T23:15:00.000Z,0
CVE-2023-43575,https://securityvulnerability.io/vulnerability/CVE-2023-43575,Buffer Overflow Vulnerability in Lenovo Desktop Products,"A buffer overflow vulnerability has been discovered in the UltraFunctionTable module of various Lenovo Desktop products. This flaw could potentially allow an authenticated local attacker to execute arbitrary code on the affected systems, leading to unauthorized control and manipulation. Users are strongly advised to review their system configurations and apply any necessary patches to mitigate this risk.",Lenovo,Desktop BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T23:15:00.000Z,0
CVE-2023-43573,https://securityvulnerability.io/vulnerability/CVE-2023-43573,Buffer Overflow Vulnerability in Lenovo Desktop Products,"A buffer overflow vulnerability exists in the LEMALLDriversConnectedEventHook module of select Lenovo Desktop products. This flaw could enable a local attacker with elevated privileges to execute arbitrary code, posing significant security risks. Users must ensure their systems are up to date to mitigate potential exploitation.",Lenovo,Desktop BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T23:15:00.000Z,0
CVE-2023-43574,https://securityvulnerability.io/vulnerability/CVE-2023-43574,Buffer Over-Read Vulnerability in Lenovo Desktop Products,"A buffer over-read vulnerability has been identified in the LEMALLDriversConnectedEventHook module affecting certain Lenovo Desktop products. This flaw may enable a local attacker with elevated privileges to potentially disclose sensitive information, raising concerns about the integrity of user data on affected systems.",Lenovo,Desktop BiOS,4.4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T23:15:00.000Z,0
CVE-2023-43571,https://securityvulnerability.io/vulnerability/CVE-2023-43571,Buffer Overflow in BiosExtensionLoader Module Affects Lenovo Desktop Products,"A buffer overflow vulnerability has been identified in the BiosExtensionLoader module utilized by certain Lenovo Desktop products. This flaw may permit a local attacker, who possesses elevated privileges, the potential to execute arbitrary code. Mitigating this vulnerability is crucial to maintaining the integrity and security of affected systems. For more information, consult Lenovo's security bulletin.",Lenovo,Desktop BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T23:15:00.000Z,0
CVE-2023-43567,https://securityvulnerability.io/vulnerability/CVE-2023-43567,Buffer Overflow in Lenovo Desktop Products,"A buffer overflow issue has been identified in the LemSecureBootForceKey module present in selected Lenovo Desktop products. This vulnerability may enable a local attacker with escalated privileges to execute arbitrary code, potentially compromising the integrity of the affected systems. Users are advised to review their security practices and monitor for updates from Lenovo to mitigate risks associated with this vulnerability.",Lenovo,Desktop BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T22:15:00.000Z,0
CVE-2023-5078,https://securityvulnerability.io/vulnerability/CVE-2023-5078,BIOS Firmware Tampering in Lenovo ThinkPad Devices,"A vulnerability identified in Lenovo ThinkPad BIOS allows physical or local attackers with elevated privileges to potentially tamper with the BIOS firmware. This poses a risk to the integrity of the system, as unauthorized modifications could lead to undesired behaviors or unauthorized access to sensitive information. Users are advised to review security advisories for updates and mitigate risks effectively.",Lenovo,Thinkpad BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T22:15:00.000Z,0