Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lenovo lenovo system update vulnerabilities and exploits
(subscribe to this query)
454
VMScore
CVE-2008-3249
The client in Lenovo System Update prior to 3.14 does not properly validate the certificate when establishing an SSL connection, which allows remote malicious users to install arbitrary packages via an SSL certificate whose X.509 headers match a public certificate used by IBM.
Lenovo Thinkvantage System Update 3.13
Lenovo Thinkvantage System Update
614
VMScore
CVE-2015-8109
Lenovo System Update (formerly ThinkVantage System Update) prior to 5.07.0019 allows local users to gain privileges by making a prediction of tvsu_tmp_xxxxxXXXXX account credentials that requires knowledge of the time that this account was created, aka a "temporary administr...
Lenovo Lenovo System Update
1 Article
641
VMScore
CVE-2015-8110
Lenovo System Update (formerly ThinkVantage System Update) prior to 5.07.0019 allows local users to gain privileges by navigating to (1) "Click here to learn more" or (2) "View privacy policy" within the Tvsukernel.exe GUI application in the context of a tempo...
Lenovo Lenovo System Update
1 Article
NA
CVE-2022-3702
A denial of service vulnerability was reported in Lenovo Vantage HardwareScan Plugin version 1.3.0.5 and previous versions that could allow a local malicious user to delete contents of an arbitrary directory under certain conditions.
Lenovo System Update Plugin
Lenovo Hardware Scan Plugin
Lenovo Hardware Scan Addin
NA
CVE-2022-3700
A Time of Check Time of Use (TOCTOU) vulnerability was reported in the Lenovo Vantage SystemUpdate Plugin version 2.0.0.212 and previous versions that could allow a local malicious user to delete arbitrary files.
Lenovo System Update Plugin
Lenovo Hardware Scan Plugin
Lenovo Hardware Scan Addin
NA
CVE-2022-3701
A privilege elevation vulnerability was reported in the Lenovo Vantage SystemUpdate plugin version 2.0.0.212 and previous versions that could allow a local malicious user to execute arbitrary code with elevated privileges.
Lenovo System Update Plugin
Lenovo Hardware Scan Plugin
Lenovo Hardware Scan Addin
694
VMScore
CVE-2019-6175
A denial of service vulnerability was reported in Lenovo System Update versions before 5.07.0088 that could allow configuration files to be written to non-standard locations.
Lenovo System Update
614
VMScore
CVE-2020-8342
A race condition vulnerability was reported in Lenovo System Update prior to version 5.07.0106 that could allow escalation of privilege.
Lenovo System Update
641
VMScore
CVE-2015-7333
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A local privilege escalation vulnerability was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior where the SUService.exe /type INF and INF_BY_COMP...
Lenovo System Update
641
VMScore
CVE-2015-7334
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A local privilege escalation vulnerability was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior where the SUService.exe /type COMMAND type could ...
Lenovo System Update
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »