lenovo group limited

Top products

The 15 most recently published vulnerabilities affecting lenovo group limited.

• CVE-2024-21944Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root o...5.3Jun 10, 2026
• CVE-2025-8061A potential insufficient access control vulnerability was reported in the Lenovo Dispatcher 3.0 and Dispatcher 3.1 drivers used by some Lenovo consumer notebooks that could allow an authenticated l...7.0Sep 11, 2025
• CVE-2025-8557An internal product security audit of Lenovo XClarity Orchestrator (LXCO) discovered the below vulnerability: An attacker with access to a device on the local Lenovo XClarity Orchestrator (LXCO) n...8.8Sep 11, 2025
• CVE-2025-9201A potential DLL hijacking vulnerability was discovered in Lenovo Browser during an internal security assessment that could allow a local user to execute code with elevated privileges.7.8Sep 11, 2025
• CVE-2025-4371A potential vulnerability was reported in the Lenovo 510 FHD and Performance FHD web cameras that could allow an attacker with physical access to write arbitrary firmware updates to the device over...6.8Aug 18, 2025
• CVE-2025-6249An authentication bypass vulnerability was reported in FileZ client application that could allow a local attacker with elevated permissions access to application data.6.7Jul 17, 2025
• CVE-2025-1729A DLL hijacking vulnerability was reported in TrackPoint Quick Menu software that, under certain conditions, could allow a local attacker to escalate privileges.6.7Jul 17, 2025
• CVE-2025-1700A DLL hijacking vulnerability was reported in the Motorola Software Fix (Rescue and Smart Assistant) installer that could allow a local attacker to escalate privileges during installation of the so...7.0Jul 17, 2025
• CVE-2025-0886An incorrect permissions vulnerability was reported in Elliptic Labs Virtual Lock Sensor that could allow a local, authenticated user to escalate privileges.7.8Jul 17, 2025
• CVE-2024-12673An improper privilege vulnerability was reported in a BIOS customization feature of Lenovo Vantage on SMB notebook devices which could allow a local attacker to elevate privileges on the system. T...7.8Feb 12, 2025
• CVE-CVE-2024-21944Уязвимость микропрограммного обеспечения процессоров безопасности AMD Secure Processor (ASP), связанная с неправильной проверкой входных данных, позволяющая нарушителю повысить свои привилегия5.3Jan 13, 2025
• CVE-2024-6001An improper certificate validation vulnerability was reported in LADM that could allow a network attacker with the ability to redirect an update request to a remote server and execute code with ele...8.1Dec 16, 2024
• CVE-2024-4762An improper validation vulnerability was reported in the firmware update mechanism of LADM and LDCC that could allow a local attacker to escalate privileges.7.8Dec 16, 2024
• CVE-2024-33056Buffer Over-read in MProc8.4Dec 2, 2024
• CVE-2024-33044Improper Validation of Array Index in Hypervisor8.4Dec 2, 2024