Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lenovo system update vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-2234
Race condition in Lenovo System Update (formerly ThinkVantage System Update) prior to 5.06.0034 uses world-writable permissions for the update files directory, which allows local users to gain privileges by writing to an update file after the signature is validated.
Lenovo System Update
NA
CVE-2015-2219
Lenovo System Update (formerly ThinkVantage System Update) prior to 5.06.0034 uses predictable security tokens, which allows local users to gain privileges by sending a valid token with a command to the System Update service (SUService.exe) through an unspecified named pipe.
Lenovo System Update
1 EDB exploit
NA
CVE-2015-2233
Lenovo System Update (formerly ThinkVantage System Update) prior to 5.06.0034 does not properly validate CA chains during signature validation, which allows man-in-the-middle malicious users to upload and execute arbitrary files via a crafted certificate.
Lenovo System Update
NA
CVE-2011-3556
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and previous versions, 5.0 Update 31 and previous versions, 1.4.2_33 and previous versions, and JRockit R28.1.4 and previous versions allows remote malicious users to ...
Sun Jre 1.7.0
Sun Jdk 1.7.0
Oracle Jrockit
Oracle Jrockit R28.0.1
Oracle Jrockit R28.0.0
Oracle Jrockit R28.1.3
Oracle Jrockit R28.1.1
Oracle Jrockit R28.1.0
Oracle Jrockit R28.0.2
Sun Jre 1.6.0
Sun Jdk 1.6.0
Sun Jdk
Sun Jre
Sun Jre 1.5.0
Sun Jdk 1.5.0
Sun Jre 1.4.2 32
Sun Jre 1.4.2 31
Sun Jre 1.4.2 30
Sun Jre 1.4.2 23
Sun Jre 1.4.2 22
Sun Jre 1.4.2 15
Sun Jre 1.4.2 14
1 EDB exploit
1 Github repository
NA
CVE-2008-3249
The client in Lenovo System Update prior to 3.14 does not properly validate the certificate when establishing an SSL connection, which allows remote malicious users to install arbitrary packages via an SSL certificate whose X.509 headers match a public certificate used by IBM.
Lenovo Thinkvantage System Update 3.13
Lenovo Thinkvantage System Update
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3