cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-4632,https://securityvulnerability.io/vulnerability/CVE-2023-4632,Uncontrolled Search Path Vulnerability in Lenovo System Update,"A vulnerability exists in Lenovo System Update that allows an attacker with local access to exploit an uncontrolled search path issue. This flaw could enable the execution of arbitrary code with elevated privileges, potentially compromising system integrity and user privacy. Users are advised to update their systems to the latest version to mitigate any risks associated with this vulnerability.",Lenovo,Lenovo System Update,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T22:15:00.000Z,0
CVE-2022-4568,https://securityvulnerability.io/vulnerability/CVE-2022-4568,Directory Permissions Management Vulnerability in Lenovo System Update,"A vulnerability exists in Lenovo System Update that pertains to directory permissions management. This issue may allow an attacker to elevate their privileges, potentially leading to unauthorized access or manipulation of system files. Users are advised to apply available security updates to mitigate this risk.",Lenovo,Lenovo System Update,7,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-05-01T14:36:25.547Z,0
CVE-2018-9063,https://securityvulnerability.io/vulnerability/CVE-2018-9063,,"MapDrv (C:\Program Files\Lenovo\System Update\mapdrv.exe) In Lenovo System Update versions earlier than 5.07.0072 contains a local vulnerability where an attacker entering very large user ID or password can overrun the program's buffer, causing undefined behaviors, such as execution of arbitrary code. No additional privilege is granted to the attacker beyond what is already possessed to run MapDrv.",Lenovo,Lenovo System Update,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2018-05-04T17:29:00.000Z,0
CVE-2015-8109,https://securityvulnerability.io/vulnerability/CVE-2015-8109,,"Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0019 allows local users to gain privileges by making a prediction of tvsu_tmp_xxxxxXXXXX account credentials that requires knowledge of the time that this account was created, aka a ""temporary administrator account vulnerability.""",Lenovo,Lenovo System Update,7,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2017-04-24T06:12:00.000Z,0
CVE-2015-8110,https://securityvulnerability.io/vulnerability/CVE-2015-8110,,"Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0019 allows local users to gain privileges by navigating to (1) ""Click here to learn more"" or (2) ""View privacy policy"" within the Tvsukernel.exe GUI application in the context of a temporary administrator account, aka a ""local privilege escalation vulnerability.""",Lenovo,Lenovo System Update,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2017-04-24T06:12:00.000Z,0