CVSS: 4.7EPSS: 0%CPEs: 3EXPL: 0CVE-2024-10254
https://notcve.org/view.php?id=CVE-2024-10254
14 Jan 2025 — A potential buffer overflow vulnerability was reported in PC Manager, Lenovo Browser, and Lenovo App Store that could allow a local attacker to cause a system crash. • https://iknow.lenovo.com.cn/detail/425367 • CWE-122: Heap-based Buffer Overflow •
CVSS: 4.7EPSS: 0%CPEs: 3EXPL: 0CVE-2024-10253
https://notcve.org/view.php?id=CVE-2024-10253
14 Jan 2025 — A potential TOCTOU vulnerability was reported in PC Manager, Lenovo Browser, and Lenovo App Store that could allow a local attacker to cause a system crash. • https://iknow.lenovo.com.cn/detail/425367 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4130
https://notcve.org/view.php?id=CVE-2024-4130
11 Oct 2024 — A DLL hijack vulnerability was reported in Lenovo App Store that could allow a local attacker to execute code with elevated privileges. • https://iknow.lenovo.com.cn/detail/423563 • CWE-427: Uncontrolled Search Path Element •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-6450
https://notcve.org/view.php?id=CVE-2023-6450
19 Jan 2024 — An incorrect permissions vulnerability was reported in the Lenovo App Store app that could allow an attacker to use system resources, resulting in a denial of service. Se informó una vulnerabilidad de permisos incorrectos en la aplicación Lenovo App Store que podría permitir a un atacante utilizar recursos del sistema, lo que provocaría una denegación de servicio. • https://iknow.lenovo.com.cn/detail/419672 • CWE-400: Uncontrolled Resource Consumption CWE-404: Improper Resource Shutdown or Release •