CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 0CVE-2022-4433
https://notcve.org/view.php?id=CVE-2022-4433
A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoSetupConfigDxe driver that could allow a local attacker with elevated privileges to cause information disclosure. • https://support.lenovo.com/us/en/product_security/LEN-103709 • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 0CVE-2022-4432
https://notcve.org/view.php?id=CVE-2022-4432
A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS PersistenceConfigDxe driver that could allow a local attacker with elevated privileges to cause information disclosure. • https://support.lenovo.com/us/en/product_security/LEN-103709 • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 288EXPL: 0CVE-2019-19705
https://notcve.org/view.php?id=CVE-2019-19705
Realtek Audio Drivers for Windows, as used on the Lenovo ThinkPad X1 Carbon 20A7, 20A8, 20BS, and 20BT before 6.0.8882.1 and 20KH and 20KG before 6.0.8907.1 (and on many other Lenovo and non-Lenovo products), mishandles DLL preloading. Realtek Audio Drivers para Windows, como se usan en Lenovo ThinkPad X1 Carbon 20A7, 20A8, 20BS y 20BT anteriores a 6.0.8882.1 y 20KH y 20KG anteriores a 6.0.8907.1 (y en muchos otros productos Lenovo y no Lenovo), manejan mal la precarga de DLL. • https://support.lenovo.com/us/en/product_security/ps500315-realtek-audio-driver-vulnerability • CWE-428: Unquoted Search Path or Element •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2021-42205
https://notcve.org/view.php?id=CVE-2021-42205
ELAN Miniport touchpad Windows driver before 24.21.51.2, as used in PC hardware from multiple manufacturers, allows local users to cause a system crash by sending a certain IOCTL request, because that request is handled twice. El controlador de Windows del panel táctil ELAN Miniport anterior a 24.21.51.2, tal como se usa en hardware de PC de varios fabricantes, permite a los usuarios locales provocar una falla del sistema enviando una determinada solicitud IOCTL, porque esa solicitud se maneja dos veces. • https://www.emc.com.tw/upload/F2E/Vulnerability%20Report/Vulnerability%20Report_Miniport%20touchpad%20Windows%20driver_20221107.pdf •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-1513
https://notcve.org/view.php?id=CVE-2022-1513
A potential vulnerability was reported in Lenovo PCManager prior to version 5.0.10.4191 that may allow code execution when visiting a specially crafted website. Se informó de una posible vulnerabilidad en Lenovo PCManager versiones anteriores a 5.0.10.4191, que puede permitir una ejecución de código cuando es visitado un sitio web especialmente diseñado. • https://iknow.lenovo.com.cn/detail/dc_203545.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •