Diagnostics

This hub aggregates every CVE we track for Diagnostics, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.

Networking Infrastructureother

CVEs tracked

Critical

High

In CISA KEV

Severity distribution

HIGH6MEDIUM5CRITICAL1

Monthly trend

2024-072026-06

Latest CVEs

See all →

The 12 most recently published vulnerabilities affecting Diagnostics.

CVE-2026-0827During an internal security assessment, a potential vulnerability was discovered in Lenovo Diagnostics and the HardwareScanAddin used in Lenovo Vantage that, during installation or when using hardw...7.1Apr 15, 2026
CVE-2022-3699 A privilege escalation vulnerability was reported in the Lenovo HardwareScanPlugin prior to version 1.3.1.2 and Lenovo Diagnostics prior to version 4.45 that could allow a local user to exec...7.8Oct 24, 2023
CVE-2022-3698 A denial of service vulnerability was reported in the Lenovo HardwareScanPlugin versions prior to 1.3.1.2 and Lenovo Diagnostics versions prior to 4.45 that could allow a local user with ...4.4Oct 24, 2023
CVE-2022-0353 A denial of service vulnerability was reported in the Lenovo HardwareScanPlugin versions prior to 1.3.1.2 and Lenovo Diagnostics versions prior to 4.45 that could allow a local user with ...4.4Oct 24, 2023
CVE-2020-8338A DLL search path vulnerability was reported in Lenovo Diagnostics prior to version 4.35.4 that could allow a user with local access to execute code on the system.7.8Oct 14, 2020
CVE-2016-8521A Remote click jacking vulnerability in HPE Diagnostics version 9.24 IP1, 9.26 , 9.26IP1 was found.6.5Feb 15, 2018
CVE-2016-8522A cross-site scripting vulnerability in HPE Diagnostics version 9.24 IP1, 9.26 , 9.26IP1 was found.5.4Feb 15, 2018
CVE-2011-4789Stack-based buffer overflow in magentservice.exe in the server in HP LoadRunner 11.00 before patch 4 allows remote attackers to execute arbitrary code via a crafted size value in a packet. NOTE: i...10.0Jan 13, 2012
CVE-2011-0892Cross-site scripting (XSS) vulnerability in HP Diagnostics 7.5x and 8.0x before 8.05.54.225 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.4.3Mar 29, 2011
CVE-2006-1035Unspecified vulnerability in the Oracle Diagnostics module 2.2 and earlier allows remote attackers to access diagnostics tests via unknown attack vectors.7.5Mar 7, 2006
CVE-2006-1037SQL injection vulnerability in the Oracle Diagnostics module 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via unknown attack vectors.7.5Mar 7, 2006
CVE-2006-1036Multiple unspecified vulnerabilities in the Oracle Diagnostics module 2.2 and earlier have unknown impact and attack vectors, related to "permissions."7.5Mar 7, 2006

Product normalization is registry-driven with AI assist and human review. How it works