Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lenovo lenovo system update vulnerabilities and exploits
(subscribe to this query)
409
VMScore
CVE-2018-9063
MapDrv (C:\Program Files\Lenovo\System Update\mapdrv.exe) In Lenovo System Update versions earlier than 5.07.0072 contains a local vulnerability where an attacker entering very large user ID or password can overrun the program's buffer, causing undefined behaviors, such as e...
Lenovo System Update
445
VMScore
CVE-2018-9068
The IMM2 First Failure Data Capture function collects management module logs and diagnostic information when a hardware error is detected. This information is made available for download through an SFTP server hosted on the IMM2 management network interface. In versions earlier t...
Lenovo Flex System X240 M4 Firmware
Lenovo Flex System X240 M5 Firmware
Lenovo Flex System X280 X6 Firmware
Lenovo Flex System X440 M4 Firmware
Lenovo Flex System X480 X6 Firmware
Lenovo Flex System X880 Firmware
Lenovo Nextscale Nx360 M5 Firmware
Lenovo System X3250 M6 Firmware
Lenovo System X3500 M5 Firmware
Lenovo System X3550 M5 Firmware
Lenovo System X3650 M5 Firmware
Lenovo System X3750 M4 Firmware
Lenovo System X3850 X6 Firmware
Lenovo System X3950 X6 Firmware
Ibm Bladecenter Hs22 Firmware
Ibm Bladecenter Hs23 Firmware
Ibm Bladecenter Hs23e Firmware
Ibm Flex System X220 M4 Firmware
Ibm Flex System X222 M4 Firmware
Ibm Flex System X240 M4 Firmware
Ibm Flex System X280 M4 Firmware
Ibm Flex System X440 M4 Firmware
756
VMScore
CVE-2018-16089
In System Management Module (SMM) versions before 1.06, a field in the header of SMM firmware update images is insufficiently sanitized, allowing post-authentication command injection on the SMM as the root user.
Lenovo System Management Module Firmware
828
VMScore
CVE-2016-8237
Remote code execution in Lenovo Updates (not Lenovo System Update) allows man-in-the-middle malicious users to execute arbitrary code.
Lenovo Updates -
755
VMScore
CVE-2011-3556
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and previous versions, 5.0 Update 31 and previous versions, 1.4.2_33 and previous versions, and JRockit R28.1.4 and previous versions allows remote malicious users to ...
Sun Jre 1.7.0
Sun Jdk 1.7.0
Oracle Jrockit
Oracle Jrockit R28.1.0
Oracle Jrockit R28.1.1
Oracle Jrockit R28.1.3
Oracle Jrockit R28.0.1
Oracle Jrockit R28.0.2
Oracle Jrockit R28.0.0
Sun Jdk 1.6.0
Sun Jre 1.6.0
Sun Jre
Sun Jdk
Sun Jre 1.5.0
Sun Jdk 1.5.0
Sun Jre 1.4.2 26
Sun Jdk 1.4.2 13
Sun Jdk 1.4.2 30
Sun Jre 1.4.2 7
Sun Jre 1.4.2 27
Sun Jdk 1.4.2 12
Sun Jdk 1.4.2 31
1 EDB exploit
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3