Filtered by vendor Lenovo
Subscriptions
Filtered by product Thinkpad X1 Extreme 2nd
Subscriptions
Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-3786 | 1 Lenovo | 266 Ideapad S940-14iwl, Ideapad S940-14iwl Firmware, Ideapad Yoga S940-14iwl and 263 more | 2024-11-21 | 4.4 Medium |
| A potential vulnerability in the SMI callback function used in CSME configuration of some Lenovo Notebook and ThinkPad systems could be used to leak out data out of the SMRAM range. | ||||
| CVE-2021-3599 | 1 Lenovo | 266 Ideapad S940-14iwl, Ideapad S940-14iwl Firmware, Ideapad Yoga S940-14iwl and 263 more | 2024-11-21 | 6.7 Medium |
| A potential vulnerability in the SMI callback function used to access flash device in some ThinkPad models may allow an attacker with local access and elevated privileges to execute arbitrary code. | ||||
| CVE-2021-3463 | 1 Lenovo | 125 Power Management Driver, Thinkpad 11e Gen 5, Thinkpad 11e Yoga Gen 6 and 122 more | 2024-11-21 | 4.2 Medium |
| A null pointer dereference vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could cause systems to experience a blue screen error. | ||||
| CVE-2021-3462 | 1 Lenovo | 125 Power Management Driver, Thinkpad 11e Gen 5, Thinkpad 11e Yoga Gen 6 and 122 more | 2024-11-21 | 5.5 Medium |
| A privilege escalation vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could allow unauthorized access to the driver's device object. | ||||
| CVE-2019-6192 | 1 Lenovo | 81 Power Management Driver, Thinkpad 13 Gen 2, Thinkpad 25 and 78 more | 2024-11-21 | 4.4 Medium |
| A potential vulnerability has been reported in Lenovo Power Management Driver versions prior to 1.67.17.48 leading to a buffer overflow which could cause a denial of service. | ||||
| CVE-2019-18619 | 3 Hp, Lenovo, Synaptics | 224 Envy - 13t-ah100, Envy - 13t-ah100 Firmware, Envy - 13t-aq100 and 221 more | 2024-11-21 | 7.8 High |
| Incorrect parameter validation in the synaTee component of Synaptics WBF drivers using an SGX enclave (all versions prior to 2019-11-15) allows a local user to execute arbitrary code in the enclave (that can compromise confidentiality of enclave data) via APIs that accept invalid pointers. | ||||
| CVE-2019-18618 | 3 Hp, Lenovo, Synaptics | 266 Elite Slice, Elite Slice Firmware, Elite X2 1012 G2 and 263 more | 2024-11-21 | 6.0 Medium |
| Incorrect access control in the firmware of Synaptics VFS75xx family fingerprint sensors that include external flash (all versions prior to 2019-11-15) allows a local administrator or physical attacker to compromise the confidentiality of sensor data via injection of an unverified partition table. | ||||
Page 1 of 1.