CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-33579
https://notcve.org/view.php?id=CVE-2024-33579
11 Oct 2024 — A DLL hijack vulnerability was reported in Lenovo Baiying that could allow a local attacker to execute code with elevated privileges. • https://iknow.lenovo.com.cn/detail/423563 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-33578
https://notcve.org/view.php?id=CVE-2024-33578
11 Oct 2024 — A DLL hijack vulnerability was reported in Lenovo Leyun that could allow a local attacker to execute code with elevated privileges. • https://iknow.lenovo.com.cn/detail/423563 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9046
https://notcve.org/view.php?id=CVE-2024-9046
11 Oct 2024 — A DLL hijack vulnerability was reported in Lenovo stARstudio that could allow a local attacker to execute code with elevated privileges. • https://iknow.lenovo.com.cn/detail/423563 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4132
https://notcve.org/view.php?id=CVE-2024-4132
11 Oct 2024 — A DLL hijack vulnerability was reported in Lenovo Lock Screen that could allow a local attacker to execute code with elevated privileges. • https://iknow.lenovo.com.cn/detail/423563 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4131
https://notcve.org/view.php?id=CVE-2024-4131
11 Oct 2024 — A DLL hijack vulnerability was reported in Lenovo Emulator that could allow a local attacker to execute code with elevated privileges. • https://iknow.lenovo.com.cn/detail/423563 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4130
https://notcve.org/view.php?id=CVE-2024-4130
11 Oct 2024 — A DLL hijack vulnerability was reported in Lenovo App Store that could allow a local attacker to execute code with elevated privileges. • https://iknow.lenovo.com.cn/detail/423563 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4089
https://notcve.org/view.php?id=CVE-2024-4089
11 Oct 2024 — A DLL hijack vulnerability was reported in Lenovo Super File that could allow a local attacker to execute code with elevated privileges. • https://iknow.lenovo.com.cn/detail/423563 • CWE-427: Uncontrolled Search Path Element •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5474
https://notcve.org/view.php?id=CVE-2024-5474
11 Oct 2024 — A potential information disclosure vulnerability was reported in Lenovo's packaging of Dolby Vision Provisioning software prior to version 2.0.0.2 that could allow a local attacker to read files on the system with elevated privileges during installation of the package. Previously installed versions are not affected by this issue. • https://support.lenovo.com/us/en/product_security/LEN-158394 • CWE-276: Incorrect Default Permissions •
CVSS: 6.7EPSS: 0%CPEs: 99EXPL: 0CVE-2024-45105
https://notcve.org/view.php?id=CVE-2024-45105
13 Sep 2024 — An internal product security audit discovered a UEFI SMM (System Management Mode) callout vulnerability in some ThinkSystem servers that could allow a local attacker with elevated privileges to execute arbitrary code. • https://support.lenovo.com/us/en/product_security/LEN-165524 • CWE-825: Expired Pointer Dereference •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45104
https://notcve.org/view.php?id=CVE-2024-45104
13 Sep 2024 — A valid, authenticated LXCA user without sufficient privileges may be able to use the device identifier to modify an LXCA managed device through a specially crafted web API call. • https://support.lenovo.com/us/en/product_security/LEN-154748 • CWE-282: Improper Ownership Management •