Lenovo Thinkpad_l380
18 CVEs affecting Lenovo Thinkpad_l380. Latest disclosed: 2022-12-26. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-6188 | Critical | 9.8 | 2019-11-12 | The BIOS tamper detection mechanism was not triggered in Lenovo ThinkPad T460p, BIOS versions up to R07ET90W, and T470p, BIOS versions up to R0FET50W, which ma… |
CVE-2019-19705 | High | 7.8 | 2022-12-26 | Realtek Audio Drivers for Windows, as used on the Lenovo ThinkPad X1 Carbon 20A7, 20A8, 20BS, and 20BT before 6.0.8882.1 and 20KH and 20KG before 6.0.8907.1 (a… |
CVE-2018-12169 | High | 7.6 | 2018-09-21 | Platform sample code firmware in 4th Generation Intel Core Processor, 5th Generation Intel Core Processor, 6th Generation Intel Core Processor, 7th Generation… |
CVE-2018-9062 | Medium | 6.8 | 2018-07-19 | In some Lenovo ThinkPad products, one BIOS region is not properly included in the checks, allowing injection of arbitrary code. |
CVE-2021-3843 | Medium | 6.7 | 2021-11-12 | A potential vulnerability in the SMI function to access EEPROM in some ThinkPad models may allow an attacker with local access and elevated privileges to execu… |
CVE-2021-3599 | Medium | 6.7 | 2021-11-12 | A potential vulnerability in the SMI callback function used to access flash device in some ThinkPad models may allow an attacker with local access and elevated… |
CVE-2021-3452 | Medium | 6.7 | 2021-07-16 | A potential vulnerability in the system shutdown SMI callback function in some ThinkPad models may allow an attacker with local access and elevated privileges… |
CVE-2020-8337 | Medium | 6.7 | 2020-06-09 | An unquoted search path vulnerability was reported in versions prior to 1.0.83.0 of the Synaptics Smart Audio UWP app associated with the DCHU audio drivers on… |
CVE-2019-10724 | Medium | 6.5 | 2019-08-29 | There is a vulnerability with the Dolby DAX2 API system services in which a low-privileged user can terminate arbitrary processes that are running at a higher… |
CVE-2020-8323 | Medium | 6.4 | 2020-06-09 | A potential vulnerability in the SMI callback function used in the Legacy SD driver in some Lenovo ThinkPad, ThinkStation, and Lenovo Notebook models may allow… |
CVE-2020-8320 | Medium | 6.4 | 2020-06-09 | An internal shell was included in BIOS image in some ThinkPad models that could allow escalation of privilege. |
CVE-2019-6172 | Medium | 6.4 | 2019-11-12 | A potential vulnerability in the SMI callback function used in Legacy USB driver using passed parameter without sufficient checking in some Lenovo ThinkPad mod… |
CVE-2019-6170 | Medium | 6.4 | 2019-11-12 | A potential vulnerability in the SMI callback function used in the Legacy USB driver using boot services structure in runtime phase in some Lenovo ThinkPad mod… |
CVE-2021-3462 | Medium | 5.5 | 2021-04-13 | A privilege escalation vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could allow unauthorized access to the… |
CVE-2021-3786 | Medium | 4.4 | 2021-11-12 | A potential vulnerability in the SMI callback function used in CSME configuration of some Lenovo Notebook and ThinkPad systems could be used to leak out data o… |
CVE-2019-6192 | Medium | 4.4 | 2019-12-10 | A potential vulnerability has been reported in Lenovo Power Management Driver versions prior to 1.67.17.48 leading to a buffer overflow which could cause a den… |
CVE-2021-3718 | Medium | 4.3 | 2021-11-12 | A denial of service vulnerability was reported in some ThinkPad models that could cause a system to crash when the Enhanced Biometrics setting is enabled in BI… |
CVE-2021-3463 | Medium | 4.2 | 2021-04-13 | A null pointer dereference vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could cause systems to experience… |