2023-01-26
|
CVE-2022-1892
|
A buffer overflow in the SystemBootManagerDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code.
|
100e_2nd_gen_firmware, 100w_gen_3_firmware, 13w_yoga_firmware, 14w_gen_2_firmware, 300e_2nd_gen_firmware, 300w_gen_3_firmware, 500w_gen_3_firmware, 730s\-13iml_firmware, Flex_3\-11ada05_firmware, Flex_5\-14alc05_firmware, Flex_5\-14are05_firmware, Flex_5\-14iil05_firmware, Flex_5\-14itl05_firmware, Flex_5\-15alc05_firmware, Flex_5\-15iil05_firmware, Flex_5\-15itl05_firmware, Ideapad_1\-11ada05_firmware, Ideapad_1\-11igl05_firmware, Ideapad_1\-14ada05_firmware, Ideapad_1\-14igl05_firmware, Ideapad_3\-14ada05_firmware, Ideapad_3\-14ada6_firmware, Ideapad_3\-14alc6_firmware, Ideapad_3\-15ada05_firmware, Ideapad_3\-15ada6_firmware, Ideapad_3\-15alc6_firmware, Ideapad_3\-17ada05_firmware, Ideapad_3\-17ada6_firmware, Ideapad_3\-17alc6_firmware, Ideapad_5\-15alc05_firmware, Ideapad_5_15aba7_firmware, Ideapad_flex_5_14alc7_firmware, Ideapad_flex_5_16alc7_firmware, Ideapad_s940\-14iil_firmware, Ideapad_slim_1\-11ast\-05_firmware, Ideapad_slim_1\-14ast\-05_firmware, Legion_s7\-15ach6_firmware, Legion_s7\-15arh5_firmware, Legion_s7\-15imh5_firmware, S145\-14api_firmware, S145\-14ast_firmware, S145\-15api_firmware, S145\-15ast_firmware, S540\-13api_firmware, Thinkbook_13s\-Iml_firmware, Thinkbook_13s_g2_are_firmware, Thinkbook_13s_g2_itl_firmware, Thinkbook_13s_g3_acn_firmware, Thinkbook_14\-Iil_firmware, Thinkbook_14\-Iml_firmware, Thinkbook_14p_g2_ach_firmware, Thinkbook_14s\-Iml_firmware, Thinkbook_14s_g2_itl_firmware, Thinkbook_15\-Iil_firmware, Thinkbook_15\-Iml_firmware, Thinkbook_16p_g2_ach_firmware, V130\-15ikb_firmware, V14\-Ada_firmware, V14_g2\-Alc_firmware, V15\-Ada_firmware, V15_g2\-Alc_firmware, Yoga_9\-15imh5_firmware, Yoga_c640\-13iml_firmware, Yoga_c640\-13iml_lte_firmware, Yoga_c940\-15irh_firmware, Yoga_s730\-13iml_firmware, Yoga_s940\-14iil_firmware, Yoga_slim_7_pro\-14ach5_firmware, Yoga_slim_7_pro\-14ach5_o_firmware, Yoga_slim_7_pro\-14arh5_firmware
|
7.8
|
|
|
2023-08-17
|
CVE-2023-4028
|
A buffer overflow has been identified in the SystemUserMasterHddPwdDxe driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code.
|
13w_yoga_firmware, 13w_yoga_gen_2_firmware, Flex_5\-14alc05_firmware, Flex_5\-14are05_firmware, Flex_5\-14iil05_firmware, Flex_5\-14itl05_firmware, Flex_5\-15alc05_firmware, Flex_5\-15iil05_firmware, Flex_5\-15itl05_firmware, Flex_7_14iru8_firmware, Ideapad_1\-11ada05_firmware, Ideapad_1\-11igl05_firmware, Ideapad_1\-14ada05_firmware, Ideapad_1\-14igl05_firmware, Ideapad_flex_5_14abr8_firmware, Ideapad_flex_5_14alc7_firmware, Ideapad_flex_5_14iau7_firmware, Ideapad_flex_5_14iru8_firmware, Ideapad_flex_5_16abr8_firmware, Ideapad_flex_5_16alc7_firmware, Ideapad_flex_5_16iau7_firmware, Ideapad_flex_5_16iru8_firmware, Thinkbook_13s_g2_are_firmware, Thinkbook_13s_g2_itl_firmware, Thinkbook_13s_g3_acn_firmware, Thinkbook_13s_g4_iap_firmware, Thinkbook_13x_g2_iap_firmware, Thinkbook_14s_g2_itl_firmware, Yoga_9\-15imh5_firmware
|
6.7
|
|
|