Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
50395126.8%CRITICAL

Related CVEs

100+
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2026-1717An input validation vulnerability was reported in the LenovoProductivitySystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to terminate arbitrary processes with elevated privileges.MEDIUM6.84.0%Mar 11, 2026
CVE-2026-1716An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to delete arbitrary registry keys with elevated privileges.MEDIUM6.94.4%Mar 11, 2026
CVE-2026-1715An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to modify arbitrary registry keys with elevated privileges.MEDIUM6.94.4%Mar 11, 2026
CVE-2025-13455A vulnerability was reported in ThinkPlus configuration software that could allow a local authenticated user to bypass ThinkPlus device authentication and enroll an untrusted fingerprint.HIGH7.31.9%Jan 14, 2026
CVE-2025-13454A potential vulnerability was reported in ThinkPlus configuration software that could allow a local authenticated user to gain access to sensitive device information.MEDIUM6.80.7%Jan 14, 2026
CVE-2025-13453A potential vulnerability was reported in some ThinkPlus USB drives that could allow a user with physical access to read data stored on the drive.MEDIUM5.12.3%Jan 14, 2026
CVE-2025-8485An improper permissions vulnerability was reported in Lenovo App Store that could allow a local authenticated user to execute code with elevated privileges during installation of an application.HIGH7.01.2%Nov 12, 2025
CVE-2025-8486A potential vulnerability was reported in PC Manager that could allow a local authenticated user to execute code with elevated privileges.HIGH8.53.8%Oct 15, 2025
CVE-2025-10581A potential DLL hijacking vulnerability was discovered in the Lenovo PC Manager during an internal security assessment that could allow a local authenticated user to execute code with elevated privileges.HIGH8.53.8%Oct 15, 2025
CVE-2025-8098An improper permission vulnerability was reported in Lenovo PC Manager that could allow a local attacker to escalate privileges.HIGH8.51.6%Aug 18, 2025
CVE-2025-6232An improper validation vulnerability was reported in Lenovo Vantage that under certain conditions could allow a local attacker to execute code with elevated permissions by modifying specific registry locations.HIGH8.57.8%Jul 17, 2025
CVE-2025-6231An improper validation vulnerability was reported in Lenovo Vantage that under certain conditions could allow a local attacker to execute code with elevated permissions by modifying an application configuration file.HIGH8.57.8%Jul 17, 2025
CVE-2025-6230A SQL injection vulnerability was reported in Lenovo Vantage that could allow a local attacker to modify the local SQLite database and execute limited SQLite commands.MEDIUM4.84.6%Jul 17, 2025
CVE-2025-2503An improper permission handling vulnerability was reported in Lenovo PC Manager that could allow a local attacker to perform arbitrary file deletions as an elevated user.MEDIUM6.91.6%May 30, 2025
CVE-2025-2502An improper default permissions vulnerability was reported in Lenovo PC Manager that could allow a local attacker to elevate privileges.HIGH8.57.2%May 30, 2025
CVE-2025-2501An untrusted search path vulnerability was reported in Lenovo PC Manager that could allow a local attacker to elevate privileges.HIGH8.55.1%May 30, 2025
CVE-2024-9046A DLL hijack vulnerability was reported in Lenovo stARstudio that could allow a local attacker to execute code with elevated privileges.HIGH7.815.2%Oct 11, 2024
CVE-2024-5474A potential information disclosure vulnerability was reported in Lenovo's packaging of Dolby Vision Provisioning software prior to version 2.0.0.2 that could allow a local attacker to read files on the system with elevated privileges during installation of the package. Previously installed versions are not affected by this issue.MEDIUM5.53.6%Oct 11, 2024
CVE-2024-4132A DLL hijack vulnerability was reported in Lenovo Lock Screen that could allow a local attacker to execute code with elevated privileges.HIGH7.87.1%Oct 11, 2024
CVE-2024-4131A DLL hijack vulnerability was reported in Lenovo Emulator that could allow a local attacker to execute code with elevated privileges.HIGH7.87.1%Oct 11, 2024