cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-4696,https://securityvulnerability.io/vulnerability/CVE-2024-4696,Privilege Escalation Vulnerability in Lenovo Service Bridge Could Allow OS Command Execution,"A privilege escalation vulnerability has been identified in Lenovo Service Bridge, specifically in versions before 5.0.2.17. This vulnerability allows an attacker to potentially execute operating system commands by visiting a specially crafted link. Attackers exploiting this flaw could manipulate system operations with higher privileges than intended, leading to unauthorized access and control. Organizations utilizing affected versions of Lenovo Service Bridge should prioritize upgrading to the latest version to mitigate associated risks.",Lenovo,Service Bridge,7.5,HIGH,0.000699999975040555,false,,false,false,false,,,false,false,,2024-06-13T20:01:18.145Z,0
CVE-2019-6167,https://securityvulnerability.io/vulnerability/CVE-2019-6167,Remote Code Execution Vulnerability in Lenovo Service Bridge,A vulnerability in Lenovo Service Bridge prior to version 4.1.0.1 could potentially allow an attacker to execute arbitrary code remotely. This flaw highlights the importance of keeping software updated to mitigate risks associated with unpatched vulnerabilities. Users are advised to update to the latest version of Lenovo Service Bridge to protect against potential exploitation.,Lenovo,Service Bridge,8.8,HIGH,0.01307000033557415,false,,false,false,false,,,false,false,,2019-06-25T00:00:00.000Z,0
CVE-2019-6169,https://securityvulnerability.io/vulnerability/CVE-2019-6169,Unencrypted FTP Downloads in Lenovo Service Bridge,"A vulnerability in Lenovo Service Bridge prior to version 4.1.0.1 enables the potential for unencrypted file transfers through FTP. This security flaw may expose sensitive user data during transmission, making it accessible to unauthorized parties. Users are strongly encouraged to upgrade to the latest version to mitigate risks associated with this vulnerability.",Lenovo,Service Bridge,6.5,MEDIUM,0.0016799999866634607,false,,false,false,false,,,false,false,,2019-06-25T00:00:00.000Z,0
CVE-2019-6166,https://securityvulnerability.io/vulnerability/CVE-2019-6166,Cross-Site Request Forgery Vulnerability in Lenovo Service Bridge,A vulnerability identified in Lenovo Service Bridge versions prior to 4.1.0.1 allows attackers to potentially exploit cross-site request forgery (CSRF) attacks. This flaw may enable unauthorized actions on behalf of authenticated users if they visit a maliciously crafted web page. Users of Lenovo Service Bridge are urged to update to the latest version to mitigate exposure to this vulnerability.,Lenovo,Service Bridge,5.4,MEDIUM,0.0007300000288523734,false,,false,false,false,,,false,false,,2019-06-25T00:00:00.000Z,0
CVE-2019-6168,https://securityvulnerability.io/vulnerability/CVE-2019-6168,Remote Code Execution Vulnerability in Lenovo Service Bridge Prior to Version 4.1.0.1,"A significant vulnerability identified in Lenovo Service Bridge versions prior to 4.1.0.1 has the potential to enable remote code execution. This flaw could be exploited by attackers to run arbitrary code on affected systems, posing serious security risks. Users and administrators are strongly encouraged to update their software to the latest version to mitigate any potential threats.",Lenovo,Service Bridge,8.8,HIGH,0.01307000033557415,false,,false,false,false,,,false,false,,2019-06-25T00:00:00.000Z,0
CVE-2016-8229,https://securityvulnerability.io/vulnerability/CVE-2016-8229,,A cross-site request forgery vulnerability in Lenovo Service Bridge before version 4 could be exploited by an attacker with access to the DHCP server used by the system where LSB is installed.,Lenovo,Service Bridge,8.8,HIGH,0.0007999999797903001,false,,false,false,false,,,false,false,,2017-06-04T21:29:00.000Z,0
CVE-2016-8228,https://securityvulnerability.io/vulnerability/CVE-2016-8228,,"In Lenovo Service Bridge before version 4, a user with local privileges on a system could execute code with administrative privileges.",Lenovo,Service Bridge,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2017-06-04T21:29:00.000Z,0
CVE-2016-8230,https://securityvulnerability.io/vulnerability/CVE-2016-8230,,"In Lenovo Service Bridge before version 4, an insecure HTTP connection is used by LSB to send system serial number, machine type and model and product name to Lenovo's servers.",Lenovo,Service Bridge,7.5,HIGH,0.0018599999602884054,false,,false,false,false,,,false,false,,2017-06-04T21:29:00.000Z,0
CVE-2016-8231,https://securityvulnerability.io/vulnerability/CVE-2016-8231,,"In Lenovo Service Bridge before version 4, a bug found in the signature verification logic of the code signing certificate could be exploited by an attacker to insert a forged code signing certificate.",Lenovo,Service Bridge,7.5,HIGH,0.000859999970998615,false,,false,false,false,,,false,false,,2017-06-04T21:29:00.000Z,0