Lenovo : Security Vulnerabilities, CVEs, (File inclusion)
A DLL search path vulnerability was reported in Lenovo Bootable Generator, prior to version Mar-2019, that could allow a malicious user with local access to execute code on the system.
Max CVSS
7.8
EPSS Score
0.07%
Published
2019-04-10
Updated
2019-10-09
A DLL search path vulnerability was reported in PaperDisplay Hotkey Service version 1.2.0.8 that could allow privilege escalation. Lenovo has ended support for PaperDisplay Hotkey software as the Night light feature introduced in Windows 10 Build 1703 provides similar features.
Max CVSS
7.8
EPSS Score
0.06%
Published
2019-08-19
Updated
2023-02-02
A DLL search path vulnerability could allow privilege escalation in some Lenovo installation packages, prior to version 1.2.9.3, during installation if an attacker already has administrative privileges.
Max CVSS
6.9
EPSS Score
0.04%
Published
2020-06-09
Updated
2020-06-22
A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an administrative user to load an unsigned DLL.
Max CVSS
7.8
EPSS Score
0.06%
Published
2019-11-20
Updated
2019-11-22
A symbolic link vulnerability in some Lenovo installation packages, prior to version 1.2.9.3, could allow privileged file operations during file extraction and installation.
Max CVSS
7.3
EPSS Score
0.04%
Published
2020-06-09
Updated
2020-06-22
A DLL search path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges.
Max CVSS
7.8
EPSS Score
0.07%
Published
2020-07-24
Updated
2020-07-29
A DLL search path vulnerability was reported in Lenovo Diagnostics prior to version 4.35.4 that could allow a user with local access to execute code on the system.
Max CVSS
7.8
EPSS Score
0.04%
Published
2020-10-14
Updated
2020-10-16
7 vulnerabilities found