3 results (0.011 seconds)

CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0

A denial of service vulnerability was reported in Lenovo Vantage HardwareScan Plugin version 1.3.0.5 and earlier that could allow a local attacker to delete contents of an arbitrary directory under certain conditions. Se informó una vulnerabilidad de Denegación de Servicio (DoS) en Lenovo Vantage HardwareScan Plugin versión 1.3.0.5 y anteriores que podría permitir a un atacante local eliminar el contenido de un directorio arbitrario bajo ciertas condiciones. • https://support.lenovo.com/us/en/product_security/LEN-94532 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

A privilege elevation vulnerability was reported in the Lenovo Vantage SystemUpdate plugin version 2.0.0.212 and earlier that could allow a local attacker to execute arbitrary code with elevated privileges. Se informó una vulnerabilidad de elevación de privilegios en el complemento Lenovo Vantage SystemUpdate versión 2.0.0.212 y anteriores que podría permitir a un atacante local ejecutar código arbitrario con privilegios elevados. • https://support.lenovo.com/us/en/product_security/LEN-94532 • CWE-269: Improper Privilege Management CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •

CVSS: 6.3EPSS: 0%CPEs: 3EXPL: 0

A Time of Check Time of Use (TOCTOU) vulnerability was reported in the Lenovo Vantage SystemUpdate Plugin version 2.0.0.212 and earlier that could allow a local attacker to delete arbitrary files. Se informó una vulnerabilidad de Time of Check Time of Use (TOCTOU) en Lenovo Vantage SystemUpdate Plugin versión 2.0.0.212 y anteriores que podría permitir a un atacante local eliminar archivos arbitrarios. • https://support.lenovo.com/us/en/product_security/LEN-94532 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •