Lenovo Thinkpad_25
8 CVEs affecting Lenovo Thinkpad_25. Latest disclosed: 2023-10-30. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-18619 | High | 7.8 | 2020-07-22 | Incorrect parameter validation in the synaTee component of Synaptics WBF drivers using an SGX enclave (all versions prior to 2019-11-15) allows a local user to… |
CVE-2022-4575 | Medium | 6.7 | 2023-10-30 | A vulnerability due to improper write protection of UEFI variables was reported in the BIOS of some ThinkPad models could allow an attacker with physical or l… |
CVE-2021-3599 | Medium | 6.7 | 2021-11-12 | A potential vulnerability in the SMI callback function used to access flash device in some ThinkPad models may allow an attacker with local access and elevated… |
CVE-2019-18618 | Medium | 6.0 | 2020-07-22 | Incorrect access control in the firmware of Synaptics VFS75xx family fingerprint sensors that include external flash (all versions prior to 2019-11-15) allows… |
CVE-2021-3462 | Medium | 5.5 | 2021-04-13 | A privilege escalation vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could allow unauthorized access to the… |
CVE-2021-3786 | Medium | 4.4 | 2021-11-12 | A potential vulnerability in the SMI callback function used in CSME configuration of some Lenovo Notebook and ThinkPad systems could be used to leak out data o… |
CVE-2019-6192 | Medium | 4.4 | 2019-12-10 | A potential vulnerability has been reported in Lenovo Power Management Driver versions prior to 1.67.17.48 leading to a buffer overflow which could cause a den… |
CVE-2021-3463 | Medium | 4.2 | 2021-04-13 | A null pointer dereference vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could cause systems to experience… |