CVSS: 10.0EPSS: 4%CPEs: 58EXPL: 0CVE-2015-5684
https://notcve.org/view.php?id=CVE-2015-5684
27 Mar 2020 — MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A buffer overflow vulnerability was reported, (fixed and publicly disclosed in 2015) in the Lenovo Service Engine (LSE), affecting various versions of BIOS for Lenovo Notebooks, that could allow a remote user to execute arbitrary code on the system. MITRE está completando este ID porque fue asignado antes de que Lenovo se convirtiera en un CNA. Se reportó una vulnerabilidad de desbordamiento del búfer (corregida y divulgada ... • https://support.lenovo.com/us/en/product_security/lse_bios_notebook • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 4.6EPSS: 0%CPEs: 57EXPL: 0CVE-2016-8224
https://notcve.org/view.php?id=CVE-2016-8224
29 Nov 2016 — A vulnerability has been identified in some Lenovo Notebook and ThinkServer systems where an attacker with administrative privileges on a system could install a program that circumvents Intel Management Engine (ME) protections. This could result in a denial of service or privilege escalation attack on the system. Una vulnerabilidad ha sido identificada en algunos sistemas Lenovo Notebook y ThinkServer donde un atacante con privilegios administrativos en un sistema podría instalar un programa que evita prote... • http://www.securityfocus.com/bid/94595 • CWE-310: Cryptographic Issues •