Archived Lenovo Product Security Advisories
Archived Lenovo Product Security Advisories
Archived Lenovo Product Security Advisories
For a list of current Advisories and more information, go to: Lenovo Product Security Advisories
|
Lenovo ID |
Advisory Summary |
CVEs |
Industry Identifiers |
First Published |
Last Updated |
|---|---|---|---|---|---|
| LEN-31370 | Rowhammer DDR4 Vulnerability | CVE-2020-10255 | Rowhammer | 2020-12-08 | 2023-08-08 |
| LEN-31072 | AMI MegaRAC SP-X BMC Redfish Authentication Bypass | No CVE | 2020-06-09 | 2023-07-17 | |
| LEN-50482 | AMD Graphics Driver Vulnerability | CVE-2020-12927 | 2020-11-10 | 2023-03-15 | |
| LEN-57316 | Intel® PROSet and Wireless WiFi, Intel vPro® CSME WiFi, and Intel® Killer™ WiFi Advisory | CVE-2020-24586, CVE-2020-24587, CVE-2020-24588 | INTEL-SA-00473, USIRP02-2020, FragAttacks | 2021-05-11 | 2023-02-08 |
| LEN-51731 | Intel CSME, SPS, and LMS Advisory | CVE-2020-24508, CVE-2020-24509, CVE-2020-8704, CVE-2020-24507, CVE-2020-8703, CVE-2020-24506 | INTEL-SA-00459, 2021.1 IPU | 2021-06-08 | 2023-02-08 |
| LEN-60072 | NVIDIA GeForce Experience - April 2021 Security Bulletin | CVE-2021-1079 | 2021-05-11 | 2023-01-26 | |
| LEN-50101 | NVIDIA GeForce Experience - October 2020 | CVE-2020-5977, CVE-2020-5978, CVE-2020-5990 | 2020-11-10 | 2023-01-26 | |
| LEN-43116 | NVIDIA GeForce Experience - July 2020 | CVE-2020-5964 | 2020-09-08 | 2023-01-26 | |
| LEN-61212 | Aggregation and Fragmentation Attacks against Wi-Fi (FragAttacks) Vulnerabilities | CVE-2020-24586, CVE-2020-24587, CVE-2020-24588, CVE-2020-26139, CVE-2020-26140, CVE-2020-26141, CVE-2020-26142, CVE-2020-26143, CVE-2020-26144, CVE-2020-26145, CVE-2020-26146, CVE-2020-26147 | USIRP02-2020, FragAttacks | 2021-06-08 | 2023-01-06 |
| LEN-62746 | Intel Wireless Bluetooth and Killer Bluetooth Advisory | CVE-2021-0151, CVE-2021-0152 | INTEL-SA-00540 | 2021-11-09 | 2022-11-15 |
| LEN-94532 | Lenovo Vantage Component Vulnerabilities | CVE-2022-3700, CVE-2022-3701, CVE-2022-3702, CVE-2022-0353, CVE-2022-3698, CVE-2022-3699 | 2022-11-08 | 2022-11-08 | |
| LEN-91348 | AMD IBPB Return Branch Predictions Information Disclosure | CVE-2022-23824 | AMD-SB-1040 | 2022-11-08 | 2022-11-08 |
| LEN-91192 | Elan UltraNav and MiniPort Driver Denial of Service Vulnerability | CVE-2021-42205 | 2022-11-08 | 2022-11-08 | |
| LEN-102365 | Lenovo Diagnostics Vulnerabilities | CVE-2022-0353, CVE-2022-3698, CVE-2022-3699 | 2022-11-08 | 2022-11-08 | |
| LEN-102360 | Brocade EZSwitch Vulnerability | CVE-2022-33186 | BSA-2022-2121 | 2022-11-08 | 2022-11-08 |
| LEN-68035 | IPV6 VLAN Stacking Vulnerability | CVE-2021-27853, CVE-2021-27854, CVE-2021-27861, CVE-2021-27862 | VU#855201 | 2022-10-11 | 2022-11-04 |
| LEN-60188 | Intel Thunderbolt DCH Driver for Windows Advisory | CVE-2021-0110 | INTEL-SA-00533 | 2021-11-09 | 2022-09-19 |
| LEN-91355 | Brocade Fabric OS - Security Update | CVE-2022-28169, CVE-2022-28170, CVE-2022-33178, CVE-2022-33179, CVE-2022-33180, CVE-2022-33181, CVE-2022-33182, CVE-2022-33183, CVE-2022-33184, CVE-2022-33185 | BSA-2022-2075 | 2022-09-13 | 2022-09-13 |
| LEN-87828 | AMI MegaRAC SP-X BMC Vulnerabilities | No CVEs - AMI | 2022-09-13 | 2022-09-13 | |
| LEN-91361 | Remote Support Authentication Vulnerability in IBM Spectrum Virtualize and Lenovo Storage V Series | CVE-2021-38969 | 2022-08-15 | 2022-08-15 | |
| LEN-75213 | Intel Ethernet Controllers and Adapters Advisory | CVE-2021-33126, CVE-2021-33128, CVE-2022-28709 | INTEL-SA-00593 | 2022-08-09 | 2022-08-10 |
| LEN-91934 | AMD Processor Execution Unit Scheduler Contention Side-Channel Vulnerability | CVE-2021-46778 | AMD-SB-1039 | 2022-08-09 | 2022-08-09 |
| LEN-91374 | Intel AMT and Intel Standard Manageability Advisory | CVE-2022-30601, CVE-2022-30944, CVE-2022-28697 | INTEL-SA-00709 | 2022-08-09 | 2022-08-09 |
| LEN-91373 | Intel Processors Post-barrier RSB predictions Advisory | CVE-2022-26373 | INTEL-SA-00706 | 2022-08-09 | 2022-08-09 |
| LEN-76842 | Intel IPP Cryptography Advisory (Used in Intel SGX) | CVE-2021-33147 | INTEL-SA-00600 | 2022-02-08 | 2022-08-08 |
| LEN-75180 | Multi-vendor BIOS Security Vulnerabilities (November 2021) | CVE-2020-12944, CVE-2020-12946, CVE-2020-12951, CVE-2020-12954, CVE-2020-12961, CVE-2020-12988, CVE-2021-26312, CVE-2021-26315, CVE-2021-26320, CVE-2021-26321, CVE-2021-26322, CVE-2021-26323, CVE-2021-26325, CVE-2021-26326, CVE-2021-26327, CVE-2021-26329, CVE-2021-26330, CVE-2021-26331, CVE-2021-26335, CVE-2021-26336, CVE-2021-26337, CVE-2021-26338, CVE-2021-0146, CVE-2021-0157, CVE-2021-0158, CVE-2021-26324, CVE-2021-26332, CVE-2021-26351, CVE-2021-26352, CVE-2021-26353, CVE-2021-26370, CVE-2021-26390, CVE-2021-26408, CVE-2021-46771 | AMD-SB-1021, INTEL-SA-00528, INTEL-SA-00562 | 2021-11-09 | 2022-08-08 |
| LEN-65535 | NVIDIA GeForce Experience - June 2021 | CVE-2021-1073 | 2021-08-10 | 2022-08-08 | |
| LEN-62742 | Multi-vendor BIOS Security Vulnerabilities (June 2021) | CVE-2020-24489, CVE-2020-0589, CVE-2020-8700, CVE-2020-8670, CVE-2020-12357, CVE-2020-12358, CVE-2020-12359, CVE-2020-12360, CVE-2020-24486, CVE-2020-24511, CVE-2020-24512, CVE-2020-24513 | INTEL-SA-00442, INTEL-SA-00463, INTEL-SA-00464, INTEL-SA-00465, 2021.1 IPU | 2021-06-08 | 2022-08-08 |
| LEN-60190 | Intel Rapid Storage Technology (RST) Advisory | CVE-2021-0104 | INTEL-SA-00545 | 2021-06-08 | 2022-08-08 |
| LEN-59494 | Intel IPP and SGX Software Advisory | CVE-2021-0001 | INTEL-SA-00477 | 2021-06-08 | 2022-08-08 |
| LEN-51734 | Multiple Bluetooth Core Specification Vulnerabilities | CVE-2020-26555, CVE-2020-26556, CVE-2020-26557, CVE-2020-26558, CVE-2020-26559, CVE-2020-26560 | INTEL-SA-00520, VU#799380 | 2021-06-08 | 2022-08-08 |
| LEN-91364 | Intel Processors Return Stack Buffer Underflow Advisory | CVE-2022-29901 | INTEL-SA-00702, Retbleed | 2022-07-12 | 2022-07-12 |
| LEN-91363 | Intel Processors RRSBA Advisory | CVE-2022-28693 | INTEL-SA-00707 | 2022-07-12 | 2022-07-12 |
| LEN-91351 | AMD CPU Branch Type Confusion Vulnerabilities | CVE-2022-29900, CVE-2022-23825 | AMD-SB-1037, Retbleed | 2022-07-12 | 2022-07-12 |
| LEN-90914 | NetApp E-Series SANtricity OS Controller Software Vulnerabilities | CVE-2022-23236, CVE-2022-23237 | NTAP-20220527-0001, NTAP-20220527-0002 | 2022-06-14 | 2022-07-08 |
| LEN-90920 | Intel and AMD Software Developer Guidance for Power Advisory | CVE-2022-23823, CVE-2022-24436 | INTEL-SA-00698, AMD-SB-1038, Hertzbleed | 2022-06-14 | 2022-06-14 |
| LEN-84094 | Intel Processors MMIO Undefined Access Advisory | CVE-2022-21180 | INTEL-SA-00645 | 2022-06-14 | 2022-06-14 |
| LEN-73440 | Lenovo Notebook BIOS Vulnerabilities | CVE-2021-3970, CVE-2021-3971, CVE-2021-3972 | 2022-04-18 | 2022-06-13 | |
| LEN-68037 | Intel SSD Firmware Advisory | CVE-2021-33078, CVE-2021-33077, CVE-2021-33080, CVE-2021-33074, CVE-2021-33069, CVE-2021-33075, CVE-2021-33083, CVE-2021-33082 | INTEL-SA-00563 | 2022-05-10 | 2022-06-13 |
| LEN-65136 | NVIDIA GPU Display Drivers - July 2021 | CVE-2021-1089, CVE-2021-1090, CVE-2021-1091, CVE-2021-1092, CVE-2021-1093, CVE-2021-1094, CVE-2021-1095, CVE-2021-1096, CVE-2021-1097, CVE-2021-1098, CVE-2021-1099, CVE-2021-1100, CVE-2021-1101, CVE-2021-1102, CVE-2021-1103 | 2021-08-10 | 2022-06-13 | |
| LEN-60193 | Intel® PROSet and Killer™ Wireless WiFi Software Advisory | CVE-2021-0063, CVE-2021-0069, CVE-2021-0071, CVE-2021-0075, CVE-2021-0078, CVE-2021-0079, CVE-2021-0082, CVE-2021-0064, CVE-2021-0065 | INTEL-SA-00509 | 2021-11-09 | 2022-06-10 |
| LEN-59604 | NVIDIA GPU Display Driver - April 2021 Security Bulletin | CVE-2021-1074, CVE-2021-1075, CVE-2021-1076, CVE-2021-1077, CVE-2021-1078, CVE-2021-1080, CVE-2021-1081, CVE-2021-1082, CVE-2021-1083, CVE-2021-1084, CVE-2021-1085, CVE-2021-1086, CVE-2021-1087 | 2021-05-11 | 2022-06-10 | |
| LEN-58888 | Intel ProSet and Wireless WiFi Driver Advisory | CVE-2021-0105 | INTEL-SA-00472 | 2021-06-08 | 2022-06-10 |
| LEN-51720 | Intel® PROSet and Killer™ Wireless WiFi Driver Advisory | CVE-2020-24458 | INTEL-SA-00448 | 2021-02-09 | 2022-06-10 |
| LEN-50820 | Intel CSI2 Host Controller Advisory | CVE-2020-0573 | INTEL-SA-00427 | 2020-11-13 | 2022-06-10 |
| LEN-42153 | AMD Radeon DirectX 11 Driver Vulnerabilities | CVE-2020-6100, CVE-2020-6101, CVE-2020-6102, CVE-2020-6103 | 2020-09-08 | 2022-06-10 | |
| LEN-62747 | Intel SSD DC Firmware Advisory | CVE-2021-0148 | INTEL-SA-00535 | 2021-11-09 | 2022-05-23 |
| LEN-65525 | AMD Secure Encryption Virtualization (SEV) Information Disclosure | CVE-2020-12966 | AMD-SB-1013 | 2021-08-10 | 2022-05-20 |
| LEN-87823 | AMD Speculative Load Disordering | CVE-2021-26400 | AMD-SB-1035 | 2022-05-10 | 2022-05-10 |
| LEN-87817 | Ciphertext Side Channels on AMD SEV | CVE-2021-46744 | AMD-SB-1033 | 2022-05-10 | 2022-05-10 |
| LEN-79452 | Lenovo Smart Standby Driver Vulnerability | CVE-2022-1110 | 2022-05-10 | 2022-05-10 | |
| LEN-79450 | Intel Processor Speculative Cross Store Bypass Advisory | CVE-2021-33149 | INTEL-SA-00648 | 2022-05-10 | 2022-05-10 |
| LEN-87699 | Spring Framework Vulnerability | CVE-2022-22965 | Spring4Shell | 2022-04-12 | 2022-05-09 |
| LEN-84079 | NetApp Active IQ Unified Manager Information Disclosure Vulnerability | CVE-2022-23235 | NTAP-20220324-0001 | 2022-04-12 | 2022-05-09 |
| LEN-67440 | Multi-vendor BIOS Security Vulnerabilities (September 2021) | CVE-2021-3519, CVE-2021-3599, CVE-2021-3719, CVE-2021-3786, CVE-2021-23840 | 2021-09-14 | 2022-05-09 | |
| LEN-51719 | Intel SGX Platform Advisory | CVE-2020-24491 | INTEL-SA-00455 | 2021-02-09 | 2022-05-09 |
| LEN-48973 | AMD Radeon Driver Vulnerability | CVE-2020-12933 | AMD-2020-0153 | 2020-10-13 | 2022-05-09 |
| LEN-48405 | AMD Radeon Driver Vulnerability | CVE-2020-12911 | AMD-2020-0155 | 2020-10-13 | 2022-05-09 |
| LEN-76673 | Lenovo System Update Privilege Escalation Vulnerability | CVE-2022-0354 | 2022-04-12 | 2022-04-12 | |
| LEN-58311 | Motorola Android App Vulnerabilities | CVE-2021-3898 | 2022-04-12 | 2022-04-12 | |
| LEN-73432 | Intel Core Processors with Radeon RX Vega M GL Graphics Advisory | CVE-2020-12892, CVE-2020-12893, CVE-2020-12894, CVE-2020-12895, CVE-2020-12897, CVE-2020-12898, CVE-2020-12899, CVE-2020-12900, CVE-2020-12901, CVE-2020-12902, CVE-2020-12903, CVE-2020-12904, CVE-2020-12905, CVE-2020-12963, CVE-2020-12964, CVE-2020-12980, CVE-2020-12981, CVE-2020-12982, CVE-2020-12983, CVE-2020-12985, CVE-2020-12986, CVE-2020-12987, CVE-2021-33105 | INTEL-SA-00481 | 2021-11-09 | 2022-04-11 |
| LEN-66618 | Intel Ethernet Drivers Advisory | CVE-2021-33058, CVE-2021-33059, CVE-2021-33098 | INTEL-SA-00555 | 2021-11-09 | 2022-04-11 |
| LEN-66617 | Intel Ethernet Advisory | CVE-2021-0197, CVE-2021-0198, CVE-2021-0199, CVE-2021-0200 | INTEL-SA-00554 | 2021-11-09 | 2022-04-11 |
| LEN-51726 | Intel RealSense DCM Advisory | CVE-2020-8765 | INTEL-SA-00397 | 2021-02-09 | 2022-04-11 |
| LEN-51723 | Intel Graphics Drivers Advisory | CVE-2020-0518, CVE-2020-0521, CVE-2020-0544, CVE-2020-12361, CVE-2020-12362, CVE-2020-12363, CVE-2020-12364, CVE-2020-12365, CVE-2020-12366, CVE-2020-12367, CVE-2020-12368, CVE-2020-12369, CVE-2020-12370, CVE-2020-12371, CVE-2020-12372, CVE-2020-12373, CVE-2020-12384, CVE-2020-12385, CVE-2020-12386, CVE-2020-24448, CVE-2020-24450, CVE-2020-8678 | INTEL-SA-00438 | 2021-02-09 | 2022-04-11 |
| LEN-50822 | Intel® Ethernet 700 Series Controller Advisory | CVE-2020-8690, CVE-2020-8691, CVE-2020-8692, CVE-2020-8693 | INTEL-SA-00380 | 2020-11-13 | 2022-04-11 |
| LEN-49266 | Multi-vendor BIOS Security Vulnerabilities (November 2020) | CVE-2020-0587, CVE-2020-0588, CVE-2020-0590, CVE-2020-0591, CVE-2020-0592, CVE-2020-0593, CVE-2020-1025, CVE-2020-1289, CVE-2020-12926, CVE-2020-29633, CVE-2020-8694, CVE-2020-8695, CVE-2020-8696, CVE-2020-8698, CVE-2020-8352, CVE-2020-8354 | INTEL-SA-00381, INTEL-SA-00358, INTEL-SA-00389, 2020.2 IPU | 2020-11-10 | 2022-04-11 |
| LEN-84065 | AMD CPUs May Transiently Execute Beyond Unconditional Direct Branch | CVE-2021-26341 | AMD-SB-1026 | 2022-03-08 | 2022-03-08 |
| LEN-84058 | NetApp SnapCenter Information Disclosure Vulnerability | CVE-2022-23234 | NTAP-20220228-0001 | 2022-03-08 | 2022-03-08 |
| LEN-79718 | Brocade Fabric OS Vulnerabilities | CVE-2021-27796, CVE-2021-27797 | BSA-2021-1721, BSA-2021-1722 | 2022-03-08 | 2022-03-08 |
| LEN-79451 | AMD and Intel Processor Advisory | CVE-2022-0001, CVE-2022-0002, CVE-2021-26401, CVE-2017-5715 | INTEL-SA-00598, AMD-SB-1036 | 2022-03-08 | 2022-03-08 |
| LEN-78116 | Lenovo Thin Installer Denial of Service Vulnerability | CVE-2022-0636 | 2022-03-08 | 2022-03-08 | |
| LEN-78115 | Glance by Mirametrix Vulnerability | CVE-2022-24696 | 2022-03-08 | 2022-03-08 | |
| LEN-60195 | Intel Ethernet Linux Driver Advisory | CVE-2021-0084, CVE-2021-0002, CVE-2021-0003 | INTEL-SA-00515 | 2021-08-10 | 2022-03-07 |
| LEN-60192 | Intel Ethernet Adapters 800 Series Advisory | CVE-2021-0004, CVE-2021-0005, CVE-2021-0006, CVE-2021-0007, CVE-2021-0008, CVE-2021-0009 | INTEL-SA-00479 | 2021-08-10 | 2022-03-07 |
| LEN-51727 | Intel Ethernet I210 Controller Advisory | CVE-2020-0522, CVE-2020-0523, CVE-2020-0524, CVE-2020-0525 | INTEL-SA-00318 | 2021-02-09 | 2022-03-07 |
| LEN-51721 | Intel SGX Platform Software Advisory | CVE-2020-24452 | INTEL-SA-00444 | 2021-02-09 | 2022-03-07 |
| LEN-45678 | Intel Thunderbolt DCH Drivers for Windows Advisory | CVE-2020-12324, CVE-2020-12325, CVE-2020-12326, CVE-2020-12327, CVE-2020-12328 | INTEL-SA-00422 | 2020-11-10 | 2022-03-07 |
| LEN-51735 | NVIDIA GPU Display Driver - January 2021 Security Bulletin | CVE-2021-1051, CVE-2021-1052, CVE-2021-1053, CVE-2021-1054, CVE-2021-1055, CVE-2021-1057, CVE-2021-1058, CVE-2021-1059, CVE-2021-1060, CVE-2021-1061, CVE-2021-1062, CVE-2021-1063, CVE-2021-1064, CVE-2021-1065, CVE-2021-1066 | 2021-01-12 | 2022-02-07 | |
| LEN-50824 | Intel BIOS Platform Sample Code Advisory | CVE-2020-8738, CVE-2020-8739, CVE-2020-8740, CVE-2020-8764 | INTEL-SA-00390 | 2020-11-13 | 2022-02-07 |
| LEN-47663 | NVIDIA GPU Display Driver - September 2020 Security Bulletin | CVE-2020-5979, CVE-2020-5980, CVE-2020-5981, CVE-2020-5981, CVE-2020-5982, CVE-2020-5983, CVE-2020-5984, CVE-2020-5985, CVE-2020-5986, CVE-2020-5987, CVE-2020-5988, CVE-2020-5989 | 2020-10-13 | 2022-02-07 | |
| LEN-45349 | Nuvoton TPM 2.0 ECDSA Vulnerability | CVE-2020-25082 | SA-002 | 2021-08-10 | 2022-02-07 |
| LEN-43118 | Intel Thunderbolt Controller Advisory | CVE-2020-12288, CVE-2020-12289, CVE-2020-12290, CVE-2020-12291, CVE-2020-12292, CVE-2020-12293, CVE-2020-12294, CVE-2020-12295, CVE-2020-12296 | INTEL-SA-00401 | 2021-06-08 | 2022-02-07 |
| LEN-36229 | Intel Graphics Driver for Windows | CVE-2020-0510, CVE-2020-0512, CVE-2020-0513, CVE-2020-8679, CVE-2020-8680, CVE-2020-8681, CVE-2020-8682, CVE-2020-8683 | INTEL-SA-00369 | 2020-08-11 | 2022-02-07 |
| LEN-75210 | Lenovo Vantage Component Vulnerabilities | CVE-2021-3922, CVE-2021-3969 | 2021-12-14 | 2021-12-21 | |
| LEN-72074 | Read-Only LDAP Authentication Bypass Vulnerability in Lenovo XClarity Controller (XCC) Firmware | CVE-2021-3956 | 2021-12-14 | 2021-12-16 | |
| LEN-75179 | TLB Poisoning Attacks on AMD Secure Encrypted Virtualization (SEV) | CVE-2021-26340 | AMD-SB-1023 | 2021-12-14 | 2021-12-14 |
| LEN-72615 | Authentication Bypass Vulnerabilities in FPC2 and SMM Firmware | CVE-2021-3849, CVE-2021-3897 | 2021-12-14 | 2021-12-14 | |
| LEN-45682 | Intel PROSet Wireless WiFi Software Advisory | CVE-2020-12313, CVE-2020-12314, CVE-2020-12317, CVE-2020-12318, CVE-2020-12319, CVE-2017-13080 | INTEL-SA-00402 | 2020-11-10 | 2021-12-03 |
| LEN-61893 | Intel BSSA DFT Advisory | CVE-2021-0144 | INTEL-SA-00525 | 2021-07-13 | 2021-12-02 |
| LEN-60194 | Intel Optane PMem Advisory | CVE-2021-0083 | INTEL-SA-00512 | 2021-08-10 | 2021-12-02 |
| LEN-60189 | Intel Optane DC Persistent Memory for Windows Advisory | CVE-2021-0106 | INTEL-SA-00541 | 2021-06-08 | 2021-12-02 |
| LEN-51718 | Intel Ethernet Controllers Advisory | CVE-2020-24492, CVE-2020-24493, CVE-2020-24494, CVE-2020-24495, CVE-2020-24496, CVE-2020-24497, CVE-2020-24498, CVE-2020-24500, CVE-2020-24501, CVE-2020-24505 | INTEL-SA-00456 | 2021-02-09 | 2021-12-02 |
| LEN-74278 | NetApp Clustered Data ONTAP Vulnerabilities | CVE-2021-27001, CVE-2021-27004, CVE-2021-27005 | NTAP-20211018-0001, NTAP-20211029-0001, NTAP-20211029-0002 | 2021-11-09 | 2021-12-01 |
| LEN-45681 | Intel Wireless Bluetooth Advisory | CVE-2020-12321, CVE-2020-12322 | INTEL-SA-00403 | 2020-11-10 | 2021-12-01 |
| LEN-41208 | Intel RAPL Interface Advisory | CVE-2020-8694, CVE-2020-8695 | INTEL-SA-00389, 2020.2 IPU | 2020-11-10 | 2021-12-01 |
| LEN-65529 | Lenovo BIOS Vulnerabilities (July 2021) | CVE-2021-3452, CVE-2021-3453, CVE-2021-3614 | 2021-07-13 | 2021-11-15 | |
| LEN-65532 | Realtek Driver Privilege Escalation Vulnerability | CVE-2021-36922, CVE-2021-36923, CVE-2021-36924, CVE-2021-36925 | 2021-11-09 | 2021-11-09 | |
| LEN-60186 | Intel Thunderbolt non-DCH Driver for Windows Advisory | CVE-2020-8741 | INTEL-SA-00393 | 2021-11-09 | 2021-11-09 |
| LEN-73443 | NetApp Clustered Data ONTAP X-Frame-Options Header Vulnerability | CVE-2021-27003 | NTAP-20211012-0001 | 2021-10-12 | 2021-10-22 |
| LEN-65528 | AMD x86 PREFETCH instruction related side-channels | CVE-2021-26318 | AMD-SB-1017 | 2021-10-12 | 2021-10-12 |
| LEN-39432 | Intel CSME, SPS, TXE, DAL and AMT Advisory | CVE-2020-12297, CVE-2020-12303, CVE-2020-12304, CVE-2020-12354, CVE-2020-12355, CVE-2020-12356, CVE-2020-8705, CVE-2020-8744, CVE-2020-8745, CVE-2020-8746, CVE-2020-8747, CVE-2020-8749, CVE-2020-8750, CVE-2020-8751, CVE-2020-8752, CVE-2020-8753, CVE-2020-8754, CVE-2020-8755, CVE-2020-8756, CVE-2020-8757, CVE-2020-8760, CVE-2020-8761, CVE-2020-29633 | INTEL-SA-00391, 2020.2 IPU | 2020-11-10 | 2021-10-04 |
| LEN-66347 | Command Injection Vulnerability in Legacy IBM System x IMM | CVE-2021-3723 | 2021-09-14 | 2021-09-14 | |
| LEN-65530 | Brocade Fabric OS Vulnerability | CVE-2021-27794 | BSA-2021-1552 | 2021-08-10 | 2021-09-13 |
| LEN-30041 | Intel CSME, SPS, TXE, AMT and DAL Advisory | CVE-2020-0542, CVE-2020-0532, CVE-2020-0538, CVE-2020-0534, CVE-2020-0541, CVE-2020-0533, CVE-2020-0537, CVE-2020-0531, CVE-2020-,0535, CVE-2020-0536, CVE-2020-0545, CVE-2020-0540, CVE-2020-0566, CVE-2020-0539, CVE-2020-0586, CVE-2020-0594, CVE-2020-0595, CVE-2020-0596, CVE-2020-8674 , CVE-2020-0597, CVE-2020-11899, CVE-2020-11900, CVE-2020-11905 | VU#257161, INTEL-SA-00295, Ripple20 | 2020-06-09 | 2021-09-13 |
| LEN-60182 | Brocade Fabric OS Vulnerabilities | CVE-2019-11479, CVE-2019-16168, CVE-2019-19645, CVE-2019-19646, CVE-2020-11023, CVE-2020-11656, CVE-2020-13434, CVE-2020-13435, CVE-2020-13630, CVE-2020-13631, CVE-2020-13632, CVE-2020-15383, CVE-2020-15386, CVE-2020-15388, CVE-2020-1971, CVE-2021-27789, CVE-2021-27790, CVE-2021-27791, CVE-2021-27792, CVE-2021-3449, CVE-2020-11022 | BSA-2021-1440, BSA-2021-1495, BSA-2020-973, BSA-2021-1491, BSA-2020-945, BSA-2020-1166, BSA-2019-827, BSA-2021-1496, BSA-2021-1494, BSA-2020-972, BSA-2021-1490, BSA-2021-1493, BSA-2021-1492 | 2021-06-08 | 2021-08-27 |
| LEN-37550 | Intel BIOS Advisory | CVE-2019-14556, CVE-2019-14557, CVE-2019-14558, CVE-2020-8671, CVE-2020-8672, CVE-2020-0571, CVE-2020-24457 | INTEL-SA-00347, INTEL-SA-00356 | 2020-09-08 | 2021-08-27 |
| LEN-60063 | AMD Secure Encrypted Virtualization (SEV) Vulnerabilities | CVE-2020-12967, CVE-2021-26311 | AMD-SB-1004 | 2021-05-11 | 2021-08-20 |
| LEN-50481 | AMD Energy Driver for Linux Vulnerability (RAPL) | CVE-2020-12912 | 2020-11-10 | 2021-08-20 | |
| LEN-63220 | AMD Transient Execution of Non-Canonical Accesses | CVE-2020-12965 | AMD-SB-1010 | 2021-08-10 | 2021-08-10 |
| LEN-60187 | Intel SPS Advisory | CVE-2021-0051 | INTEL-SA-00500 | 2021-06-08 | 2021-07-23 |
| LEN-30555 | Intel Graphics Driver for Windows | CVE-2020-0501, CVE-2020-0502, CVE-2020-0503, CVE-2020-0504, CVE-2020-0505, CVE-2020-0506, CVE-2020-0507, CVE-2020-0508, CVE-2020-0511, CVE-2020-0514, CVE-2020-0515, CVE-2020-0516, CVE-2020-0517, CVE-2020-0519, CVE-2020-0520, CVE-2020-0565, CVE-2020-0567 | INTEL-SA-00315 | 2020-03-10 | 2021-07-23 |
| LEN-62743 | NetApp SANtricity OS Controller Software 11.x Vulnerabilities | CVE-2021-26993, CVE-2021-26995, CVE-2021-26996, CVE-2021-26997 | NTAP-20210610-0001, NTAP-20210610-0002, NTAP-20210610-0003, NTAP-20210610-0004 | 2021-07-13 | 2021-07-13 |
| LEN-45680 | Intel High Definition Audio Advisory | CVE-2020-12307 | INTEL-SA-00409 | 2020-11-10 | 2021-07-13 |
| LEN-36925 | NVIDIA GPU Display Driver - June 2020 Security Bulletin | CVE-2020-5962, CVE-2020-5963, CVE-2020-5964, CVE-2020-5965, CVE-2020-5966, CVE-2020-5967, CVE-2020-5968, CVE-2020-5969, CVE-2020-5970, CVE-2020-5971, CVE-2020-5972, CVE-2020-5973 | 2020-07-14 | 2021-06-15 | |
| LEN-61860 | NetApp Clustered Data ONTAP Denial of Service Vulnerability | CVE-2021-26994 | NTAP-20210601-0001 | 2021-06-08 | 2021-06-08 |
| LEN-60191 | Speculative Code Store Bypass (SCSB) and Floating-Point Value Injection (FPVI) Advisory | CVE-2021-0086, CVE-2021-0089, CVE-2021-26313, CVE-2021-26314 | AMD-SB-1003, INTEL-SA-00516 | 2021-06-08 | 2021-06-08 |
| LEN-57315 | Nuvoton TPM 1.2 Vulnerability | CVE-2021-32015 | SA-001 | 2021-06-08 | 2021-06-08 |
| LEN-42578 | AMI MegaRAC SP-X BMC Vulnerability | No CVE | 2020-11-10 | 2021-05-20 | |
| LEN-36230 | Intel PROSet Wireless WiFi Software Advisory | CVE-2020-0559 | INTEL-SA-00355 | 2020-08-11 | 2021-05-20 |
| LEN-30042 | Multi-vendor BIOS Security Vulnerabilities (June 2020) | CVE-2020-0528, CVE-2020-0529, CVE-2020-8320, CVE-2020-8321, CVE-2020-8322, CVE-2020-8323, CVE-2020-8334 , CVE-2020-8336, CVE-2019-14561, CVE-2019-14562, CVE-2020-8333 | INTEL-SA-00322, 2020.1 IPU | 2020-06-09 | 2021-05-19 |
| LEN-29592 | AMI MegaRAC SP-X BMC Vulnerabilities | See advisory for complete list | 2020-04-14 | 2021-05-19 | |
| LEN-59174 | Lenovo Power Management Driver Vulnerabilities | CVE-2021-3462, CVE-2021-3463 | 2021-04-13 | 2021-04-13 | |
| LEN-52117 | Lenovo XClarity Controller (XCC) Information Disclosure Vulnerability | CVE-2021-3473 | 2021-04-13 | 2021-04-13 | |
| LEN-35373 | Dolby DAX2 API Vulnerability | CVE-2021-3146 | 2021-04-13 | 2021-04-13 | |
| LEN-41856 | Intel AMT and Intel ISM Advisory | CVE-2020-8758 | INTEL-SA-00404 | 2020-09-08 | 2021-04-02 |
| LEN-34794 | GRUB2 Vulnerability – AKA "Boot Hole" | CVE-2020-10713 | ADV200011, BootHole | 2020-07-30 | 2021-03-19 |
| LEN-59179 | NetApp Clustered Data ONTAP Vulnerabilities | CVE-2021-26988, CVE-2021-26989 | NTAP-20210303-0001, NTAP-20210303-0002 | 2021-03-09 | 2021-03-17 |
| LEN-49884 | Lenovo XClarity Orchestrator (LXCO) Information Disclosure Vulnerabilities | CVE-2020-8356, CVE-2021-3417 | 2021-03-09 | 2021-03-09 | |
| LEN-58436 | NetApp OnCommand System Manager 9.x Vulnerability | CVE-2020-8587 | NTAP-20210208-0001 | 2021-02-09 | 2021-02-19 |
| LEN-51724 | Intel Optane DC Persistent Memory Advisory | CVE-2020-24451 | INTEL-SA-00436 | 2021-02-09 | 2021-02-19 |
| LEN-56879 | NetApp Clustered Data ONTAP Vulnerabilities | CVE-2020-8578, CVE-2020-8581, CVE-2020-8588, CVE-2020-8589, CVE-2020-8590 | NTAP-20210119-0001, NTAP-20210201-0001, NTAP-20210201-0002, NTAP-20210208-0002, NTAP-20210208-0003 | 2021-02-09 | 2021-02-09 |
| LEN-50446 | Lenovo XClarity Administrator (LXCA) Information Disclosure Vulnerability | CVE-2020-8355 | 2021-02-09 | 2021-02-09 | |
| LEN-50821 | Intel® PMC Advisory | CVE-2020-0599 | INTEL-SA-00360 | 2020-11-13 | 2021-02-01 |
| LEN-30040 | Intel SSD Advisory | CVE-2020-0527 | INTEL-SA-00266, 2020.1 IPU | 2020-06-09 | 2021-02-01 |
| LEN-50102 | NetApp SANtricity OS Controller Software Vulnerabilities | CVE-2020-8577, CVE-2020-8580 | NTAP-20201105-0001, NTAP-20201105-0002 | 2020-11-10 | 2021-01-13 |
| LEN-45679 | Intel HID Event Filter Driver Advisory | CVE-2020-12332 | INTEL-SA-00421 | 2020-11-10 | 2021-01-13 |
| LEN-31390 | Intel Thunderbolt Vulnerabilities | CVE-2019-14630 | INTEL-SA-00411, Thunderspy | 2020-06-09 | 2021-01-12 |
| LEN-30553 | Intel SGX and Processor Side Channel Data Leakage Vulnerabilities | CVE-2020-0551, CVE-2020-0561 | INTEL-SA-00334, INTEL-SA-00336 | 2020-03-10 | 2020-12-21 |
| LEN-51499 | Brocade Fabric OS Vulnerability | CVE-2020-15376 | BSA-2020-1158 | 2020-12-08 | 2020-12-08 |
| LEN-50823 | Intel® Unite Client for Windows Advisory | CVE-2020-0575 | INTEL-SA-00350 | 2020-11-13 | 2020-12-08 |
| LEN-44725 | Embedded Host Based Configuration (EHBC) feature of Intel AMT Enabled | CVE-2020-8353 | 2020-11-10 | 2020-11-13 | |
| LEN-49998 | NetApp Clustered Data ONTAP 9.7.x Vulnerability | CVE-2020-8579 | NTAP-20201026-0001 | 2020-11-10 | 2020-11-10 |
| LEN-31043 | Intel SSD Advisory | CVE-2020-0584, CVE-2020-12309, CVE-2020-12310, CVE-2020-12311 | INTEL-SA-00362 | 2020-11-10 | 2020-11-10 |
| LEN-30458 | NVIDIA Windows GPU Display Driver Vulnerabilities - February 2020 | CVE-2020-5957, CVE-2020-5958, CVE-2020-5959, CVE-2020-5960, CVE-2020-5961 | 2020-03-10 | 2020-11-08 | |
| LEN-30707 | Synaptics Audio Driver Vulnerability | CVE-2020-8337 | 2020-06-09 | 2020-11-05 | |
| LEN-38625 | System Management Mode (SMM) BIOS Vulnerability in some legacy System x servers | CVE-2020-8332 | 2020-10-13 | 2020-10-21 | |
| LEN-31334 | ALPS ALPINE Touchpad Driver Vulnerabilities | CVE-2020-15596 | 2020-08-11 | 2020-10-21 | |
| LEN-30043 | Intel Special Register Buffer Data Sampling Advisory | CVE-2020-0543 | INTEL-SA-00320 | 2020-06-09 | 2020-10-21 |
| LEN-48228 | Lenovo ThinkPad Stack Wireless Router Vulnerability | CVE-2020-8350 | 2020-10-13 | 2020-10-13 | |
| LEN-46654 | Brocade Fabric OS and SANnav Vulnerabilities | CVE-2018-6447, CVE-2018-6448, CVE-2018-6449, CVE-2019-16211, CVE-2019-16212, CVE-2020-15369, CVE-2020-15370, CVE-2020-15371, CVE-2020-15372, CVE-2020-15373, CVE-2020-15374, CVE-2020-15375 | BSA-2020-1073, BSA-2020-1075, BSA-2020-1077, BSA-2020-1076, BSA-2020-1074, BSA-2020-1078, BSA-2020-1079, BSA-2020-1080, BSA-2020-1081, BSA-2020-1082, BSA-2020-1083, BSA-2020-1084 | 2020-10-13 | 2020-10-13 |
| LEN-44423 | Cloud Networking Operating System (CNOS) Vulnerability | CVE-2020-8349 | 2020-10-13 | 2020-10-13 | |
| LEN-44421 | Lenovo Vantage HardwareScan Plugin Vulnerability | CVE-2020-8345 | 2020-10-13 | 2020-10-13 | |
| LEN-32702 | Lenovo Diagnostics Vulnerability | CVE-2020-8338 | 2020-10-13 | 2020-10-13 | |
| LEN-31372 | Synaptics Fingerprint Vulnerabilities | CVE-2019-18618, CVE-2019-18619 | 2020-07-14 | 2020-09-18 | |
| LEN-30557 | Intel Wireless Bluetooth Vulnerability | CVE-2019-14620 | INTEL-SA-00337 | 2020-08-11 | 2020-09-14 |
| LEN-30550 | Intel PROSet/Wireless WiFi Software Advisory | CVE-2020-0557, CVE-2020-0558 | INTEL-SA-00338 | 2020-04-14 | 2020-09-14 |
| LEN-30552 | Intel Smart Sound Technology | CVE-2020-0583 | INTEL-SA-00354 | 2020-03-10 | 2020-09-12 |
| LEN-44717 | XSS Vulnerability in Legacy System x IMM2 | CVE-2020-8340 | 2020-09-08 | 2020-09-11 | |
| LEN-38717 | Lenovo Vantage Vulnerability | CVE-2020-8346 | 2020-09-08 | 2020-09-10 | |
| LEN-42150 | Lenovo System Update Vulnerability | CVE-2020-8342 | 2020-09-08 | 2020-09-08 | |
| LEN-38385 | XSSI Vulnerability in legacy IBM BladeCenter AMM | CVE-2020-8339 | 2020-09-08 | 2020-09-08 | |
| LEN-30506 | Realtek Audio Driver Vulnerability | CVE-2019-19705 | 2020-03-10 | 2020-08-25 | |
| LEN-30417 | Sierra Wireless Mobile Broadband Software Vulnerability | CVE-2020-8948 | SWI-PSA-2020-002 | 2020-04-14 | 2020-04-14 |
| LEN-30401 | Lenovo Vantage Vulnerabilities | CVE-2020-8316, CVE-2020-8318, CVE-2020-8319, CVE-2020-8324, CVE-2020-8327 | 2020-04-14 | 2020-04-14 | |
| LEN-30556 | Intel Optane DC Persistent Memory Module Management Software | CVE-2020-0546 | INTEL-SA-00326 | 2020-03-10 | 2020-03-10 |
| LEN-29942 | Lenovo XClarity Administrator (LXCA) Vulnerability | CVE-2019-19756 | 2020-03-10 | 2020-03-10 |
|
Lenovo ID |
Advisory Summary |
CVEs |
First Published |
Last Updated |
|---|---|---|---|---|
| LEN-29482 | Intel Software Guard Extensions (SGX) Vulnerabilities | CVE-2019-14565, CVE-2019-14566 | 2019-11-12 | 2023-08-08 |
| LEN-27714 | Multi-vendor BIOS Security Vulnerabilities | CVE-2019-0117, CVE-2019-0123, CVE-2019-0124, CVE-2019-0151, CVE-2019-0152, CVE-2019-0154, CVE-2019-0184, CVE-2019-0185, CVE-2019-6170, CVE-2019-6172, CVE-2019-6174, CVE-2019-6188, CVE-2019-11135, CVE-2019-11136, CVE-2019-11137, CVE-2019-11139, CVE-2019-18279 | 2019-11-12 | 2023-08-08 |
| LEN-26293 | Intel CSME, Server Platform Services, Trusted Execution Engine and Intel Active Management Technology Vulnerabilities | CVE-2019-0086 , CVE-2019-0089 , CVE-2019-0090 , CVE-2019-0091 , CVE-2019-0092 , CVE-2019-0093 , CVE-2019-0094 , CVE-2019-0096 , CVE-2019-0097 , CVE-2019-0098 , CVE-2019-0099, CVE-2019-0153, CVE-2019-0170 | 2019-05-14 | 2023-08-08 |
| LEN-29926 | Intel Chipset Device Software INF Utility Advisory | CVE-2019-14596 | 2020-01-14 | 2023-08-08 |
| LEN-29761 | Intel PROSet/Wireless WiFi Software Vulnerabilities | CVE-2019-11151, CVE-2019-11152, CVE-2019-11153, CVE-2019-11154, CVE-2019-11155, CVE-2019-11156 | 2019-11-19 | 2023-08-08 |
| LEN-26250 | NVIDIA GPU Display Driver Update | CVE-2019-5665, CVE-2019-5666, CVE-2019-5667, CVE-2019-5668, CVE-2019-5669, CVE-2019-5670, CVE-2019-5671, CVE-2018-6260 | 2019-04-18 | 2023-08-08 |
| LEN-25444 | NVIDIA GeForce Experience Vulnerabilities | CVE‑2018‑6263, CVE‑2018‑6265, CVE‑2018‑6266 | 2019-04-04 | 2023-08-08 |
| LEN-26562 | Intel USB 3.0 eXtensible Host Controller Driver Vulnerability | CVE-2018-3700 | 2019-05-02 | 2023-08-08 |
| LEN-20494 | TPM 2.0 Sleep-Wake Error in BIOS Firmware | CVE-2018-6622 | 2018-07-26 | 2023-08-08 |
| LEN-26251 | Dolby DAX2 API Denial of Service | CVE-2019-10724 | 2019-04-18 | 2023-08-08 |
| LEN-26696 | Microarchitectural Data Sampling (MDS) Side Channel Vulnerabilities | CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 | 2019-05-14 | 2023-08-08 |
| LEN-27709 | Intel Unite Client Vulnerability | CVE-2019-0132 | 2019-06-11 | 2023-08-08 |
| LEN-25083 | Intel CSME, Server Platform Services, Trusted Execution Engine and Intel Active Management Technology Vulnerabilities | CVE-2018-12188, CVE-2018-12189, CVE-2018-12190, CVE-2018-12191, CVE-2018-12192, CVE-2018-12199, CVE-2018-12198, CVE-2018-12200, CVE-2018-12187, CVE-2018-12196, CVE-2018-12185 | 2019-03-14 | 2023-08-08 |
| LEN-30350 | Intel Processor Graphics Vulnerability | CVE-2019-14615 | 2020-01-14 | 2021-06-15 |
| LEN-29846 | Intel Processors Voltage Settings Modification Advisory | CVE-2019-11157 | 2019-12-10 | 2021-05-19 |
| LEN-29406 | ST Microelectronics TPM Firmware ECDSA Signature Generation Vulnerability | CVE-2019-16863 | 2019-11-19 | 2021-04-19 |
| LEN-30525 | Intel CSME Vulnerability | CVE-2019-14598 | 2020-02-11 | 2021-04-05 |
| LEN-29863 | Unexpected Page Fault in Virtualized Environment Advisory | CVE-2019-14607 | 2019-12-10 | 2021-04-05 |
| LEN-27716 | Intel CSME, Server Platform Services, Trusted Execution Engine, Intel Active Management Technology and Dynamic Application Loader Vulnerabilities | CVE-2019-0131, CVE-2019-0165, CVE-2019-0166, CVE-2019-0168, CVE-2019-0169, CVE-2019-11086, CVE-2019-11087, CVE-2019-11088, CVE-2019-11090, CVE-2019-11097, CVE-2019-11100, CVE-2019-11101, CVE-2019-11102, CVE-2019-11103, CVE-2019-11104, CVE-2019-11105, CVE-2019-11106, CVE-2019-11107, CVE-2019-11108, CVE-2019-11109, CVE-2019-11110, CVE-2019-11131, CVE-2019-11132, CVE-2019-11147 | 2019-11-12 | 2021-04-05 |
| LEN-30236 | NVIDIA GeForce Experience Update | CVE‑2019‑5702 | 2020-01-14 | 2020-11-08 |
| LEN-30044 | Intel Processors Side Channel Data Leakage Vulnerabilities | CVE-2020-0548, CVE-2020-0549, CVE-2020-0550 | 2020-01-28 | 2020-10-21 |
| LEN-29419 | NVIDIA GPU Display Driver Vulnerabilities | CVE-2019-5688,CVE-2019-5689, CVE-2019-5690, CVE-2019-5691, CVE-2019-5692, CVE-2019-5693, CVE-2019-5694, CVE-2019-5695, CVE-2019-5696, CVE-2019-5697, CVE-2019-5698, CVE-2019-5701 | 2019-11-12 | 2020-09-18 |
| LEN-28235 | Intel Graphics Vulnerabilities | CVE-2019-0154, CVE-2019-0155, , CVE-2019-11089, CVE-2019-11111, CVE-2019-11112, CVE-2019-11113, CVE-2019-14574, CVE-2019- 14590, CVE-2019-14591 | 2019-11-12 | 2020-09-17 |
| LEN-29840 | Intel Rapid Storage Technology (RST) Advisory | CVE-2019-14568 | 2019-12-10 | 2020-09-10 |
| LEN-29841 | Intel Dynamic Platform and Thermal Framework Advisory | CVE-2019-0134 | 2019-12-10 | 2020-08-17 |
| LEN-27173 | Encryption Key Negotiation of Bluetooth Vulnerability | CVE-2019-9506, CVE-2020-10135 | 2019-08-13 | 2020-06-23 |
| LEN-27764 | Embedded Controller Update Vulnerability | CVE-2019-6171 | 2019-08-08 | 2020-06-18 |
| LEN-27431 | DLL Search Path and Symbolic Link Vulnerabilities | CVE-2019-6173, CVE-2019-6196 | 2020-01-14 | 2020-06-09 |
| LEN-28078 | Multi-Vendor Desktop & WorkStation BIOS Security Vulnerabilities | CVE-2019-6190 | 2020-02-11 | 2020-05-19 |
| LEN-27840 | Intel Chipset Device Software Vulnerability | CVE-2019-0128 | 2019-06-11 | 2020-05-19 |
| LEN-22133 | Speculative Execution Side Channel Variants 4 and 3a & SWAPGS | CVE-2018-3639, CVE-2018-3640, CVE-2019-1125, CVE-2019-11184 | 2018-05-21 | 2020-05-13 |
| LEN-30524 | Intel Manycore Platform Software Stack (MPSS) Advisory | CVE-2020-0563 | 2020-02-11 | 2020-04-12 |
| LEN-27715 | Intel Ethernet 700 Series Controller Vulnerabilities | CVE-2019-0139, CVE-2019-0140, CVE-2019-0142, CVE-2019-0143, CVE-2019-0145, CVE-2019-0146, CVE-2019-0147, CVE-2019-0148, CVE-2019-0149, CVE-2019-0150 | 2019-11-12 | 2020-04-12 |
| LEN-25084 | Intel Graphics Driver for Windows Vulnerabilities | CVE-2018-12209, CVE-2018-12210, CVE-2018-12211, CVE-2018-12212, CVE-2018-12213, CVE-2018-12214, CVE-2018-12215, CVE-2018-12216, CVE-2018-12217, CVE-2018-12218, CVE-2018-12219, CVE-2018-12220, CVE-2018-12221, CVE-2018-12222, CVE-2018-12223, CVE-2018-12224, CVE-2018-18089, CVE-2018-18090, CVE-2018-18091 | 2019-04-04 | 2020-03-26 |
| LEN-26294 | Intel Firmware Vulnerabilities | CVE-2019-0119 , CVE-2019-0120 , CVE-2019-0126 | 2019-05-14 | 2020-03-23 |
| LEN-29773 | Intel BMC Vulnerabilities | CVE-2019-11168, CVE-2019-11170, CVE-2019-11171, CVE-2019-11172, CVE-2019-11173, CVE-2019-11174, CVE-2019-11175, CVE-2019-11177, CVE-2019-11178, CVE-2019-11179, CVE-2019-11180, CVE-2019-11181, CVE-2019-11182 | 2019-11-19 | 2020-03-19 |
| LEN-28096 | NVIDIA Windows GPU Display Driver Vulnerabilities | CVE-2019-5683, CVE-2019-5684, CVE-2019-5685, CVE-2019-5686, CVE-2019-5687 | 2019-08-08 | 2020-03-19 |
| LEN-25869 | TianoCore EDK II BIOS Vulnerabilities | 2019-05-14 | 2020-03-19 | |
| LEN-24779 | NVIDIA GeForce Experience Vulnerabilities | CVE-2018-6257, CVE-2018-6258, CVE-2018-6259, CVE‑2018‑6261, CVE‑2018‑6262 | 2018-12-13 | 2020-03-19 |
| LEN-24573 | Synaptics Pointing Device Driver Vulnerability | CVE-2018-16098 | 2019-01-10 | 2020-03-13 |
| LEN-27815 | NVIDIA GeForce Experience - May 2019 | CVE-2019-5676, CVE-2019-5678 | 2019-06-11 | 2020-02-21 |
| LEN-27326 | NVIDIA GPU Display Driver Update | CVE-2019-5675, CVE-2019-5676, CVE-2019-5677 | 2019-05-09 | 2020-02-21 |
| LEN-27096 | NVIDIA GeForce Experience Update | CVE‑2019‑5674 | 2019-04-18 | 2020-02-21 |
| LEN-30522 | Intel Renesas Electronics® USB 3.0 Driver Discontinuation | CVE-2020-0560 | 2020-02-11 | 2020-02-14 |
| LEN-29477 | Lenovo XClarity Administrator (LXCA) Vulnerabilities | CVE-2019-6193, CVE-2019-6194, CVE-2019-19757 | 2020-02-11 | 2020-02-12 |
| LEN-29116 | Lenovo XClarity Controller (XCC) Vulnerability | CVE-2019-6195 | 2020-02-11 | 2020-02-11 |
| LEN-30242 | Lenovo EZ Media & Backup Center Vulnerability | CVE-2019-19758 | 2020-02-11 | 2020-02-11 |
| LEN-30367 | Brocade Fabric OS Vulnerability | CVE-2019-16204 | 2020-02-11 | 2020-02-11 |
| LEN-25822 | Synaptics Audio Driver Vulnerability | CVE-2019-9730 | 2019-04-15 | 2020-02-08 |
| LEN-29334 | Lenovo Power Management Driver Vulnerability | CVE-2019-6192 | 2019-12-10 | 2020-01-15 |
| LEN-29588 | NetApp Clustered Data ONTAP 9.2 Vulnerability | CVE-2019-5508 | 2020-01-14 | 2020-01-14 |
| LEN-28648 | Intel Ethernet I218 Adapter Driver Vulnerability | CVE-2019-11096 | 2019-12-10 | 2019-12-13 |
| LEN-27886 | ThinkPad USB-C Dock Vulnerability | CVE-2019-6176 | 2019-11-19 | 2019-12-12 |
| LEN-27682 | Lenovo Energy Management Driver for Windows 10 Vulnerability | CVE-2019-6183 | 2019-12-10 | 2019-12-10 |
| LEN-27701 | Intel PROSet/Wireless WiFi Software Vulnerability | CVE-2018-3701,CVE-2019-0136 | 2019-05-30 | 2019-12-03 |
| LEN-22660 | TianoCore EDK II BIOS Vulnerabilities | 2019-03-14 | 2019-11-22 | |
| LEN-25085 | Intel Firmware Vulnerabilities | CVE-2018-12201, CVE-2018-12202, CVE-2018-12203, CVE-2018-12204, CVE-2018-12205 | 2019-03-14 | 2019-11-22 |
| LEN-29480 | Missing HTTP Security Headers in NetApp OnCommand Workflow Automation | CVE-2019-5503 | 2019-11-19 | 2019-11-19 |
| LEN-29118 | Lenovo XClarity Controller (XCC) Stored CSV Injection | CVE-2019-6187 | 2019-11-19 | 2019-11-19 |
| LEN-29187 | LenovoPaper Discontinuation | CVE-2019-6191 | 2019-11-19 | 2019-11-19 |
| LEN-29198 | Lenovo System Interface Foundation Vulnerabilities | CVE-2019-6186, CVE-2019-6189 | 2019-11-19 | 2019-11-19 |
| LEN-29289 | CCSDK Discontinuation | CVE-2019-6184 | 2019-11-19 | 2019-11-19 |
| LEN-26775 | Intel Smart Sound Technology Vulnerabilities | CVE-2018-3666, CVE-2018-3670, CVE-2018-3672 | 2019-05-02 | 2019-11-11 |
| LEN-25662 | Intel Integrated Performance Primitives (IPP) Information Disclosure | CVE-2018-12155 | 2019-04-18 | 2019-10-11 |
| LEN-26252 | ASPEED AST-series BMC Vulnerability | CVE-2019-6260 | 2019-05-02 | 2019-09-25 |
| LEN-28093 | System Update Vulnerability | CVE-2019-6175 | 2019-09-24 | 2019-09-24 |
| LEN-26957 | ThinkAgile CP-SB (Storage Block) BMC Session Handling Vulnerability | CVE-2019-6161 | 2019-09-24 | 2019-09-24 |
| LEN-27348 | System Update Vulnerability | CVE-2019-6163 | 2019-06-25 | 2019-09-13 |
| LEN-27811 | Lenovo Solution Center Vulnerability | CVE-2019-6177 | 2019-08-20 | 2019-09-05 |
| LEN-25654 | Alps Touchpad Driver Vulnerabilities | CVE-2018-10828 | 2019-06-25 | 2019-09-05 |
| LEN-27805 | LXCA and LXCI Insufficient Input Validation | CVE-2019-6179, CVE-2019-6180, CVE-2019-6181, CVE-2019-6182 | 2019-09-03 | 2019-09-03 |
| LEN-26295 | Intel Graphics Driver for Windows Vulnerabilities | CVE-2019-0113, CVE-2019-0114, CVE-2019-0115, CVE-2019-0116 | 2019-05-14 | 2019-08-29 |
| LEN-27842 | Partial Physical Address Leakage Vulnerability | CVE-2019-0174 | 2019-06-11 | 2019-08-21 |
| LEN-24443 | Intel® PROSet/Wireless WiFi Software Vulnerabilities | CVE-2006-7250, CVE-2007-3108, CVE-2007-4995, CVE-2007-5135, CVE-2008-5077, CVE-2008-7270, CVE-2009-0590, CVE-2009-0789, CVE-2009-1377, CVE-2009-1378, CVE-2009-1386, CVE-2009-1387, CVE-2009-2409, CVE-2009-3245, CVE-2009-4355, CVE-2010-0433, CVE-2010-0742, CVE-2010-4180, CVE-2010-4252, CVE-2010-5298, CVE-2011-1945, CVE-2011-3210, CVE-2011-4108, CVE-2011-4109, CVE-2011-4576, CVE-2011-4577, CVE-2011-4619, CVE-2012-0027, CVE-2012-0884, CVE-2012-1165, CVE-2012-2110, CVE-2012-2333, CVE-2013-0166, CVE-2014-0076, CVE-2014-0195, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470, CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3510, CVE-2014-3566, CVE-2017-3735, CVE-2018-12177 | 2018-11-15 | 2019-08-21 |
| LEN-27569 | PaperDisplay Hotkey Vulnerability | CVE-2019-6165 | 2019-08-08 | 2019-08-15 |
| LEN-22880 | Lazy FP State Restore | CVE-2018-3665 | 2018-12-13 | 2019-08-10 |
| LEN-24785 | Stored XSS Vulnerability in legacy IBM System x IMM | CVE-2019-6159 | 2019-08-08 | 2019-08-08 |
| LEN-23850 | Insecure Handling of UEFI Variables | 2018-11-29 | 2019-08-05 | |
| LEN_11575 | Securely Configuring LenovoEMC NAS Devices | 2016-11-21 | 2019-07-30 | |
| LEN-28116 | Intel SSD DC S4500/S4600 Series Vulnerability | CVE-2018-18095 | 2019-07-16 | 2019-07-16 |
| LEN-25557 | Iomega and LenovoEMC NAS Vulnerability | CVE-2019-6160 | 2019-07-16 | 2019-07-16 |
| LEN-27725 | Lenovo Service Bridge Vulnerabilities | CVE-2019-6166,CVE-2019-6167,CVE-2019-6168, CVE-2019-6169 | 2019-06-25 | 2019-06-25 |
| LEN-27843 | Intel Accelerated Storage Manager in Intel Rapid Storage Technology Enterprise (RSTe) Vulnerabilities | CVE-2019-0130, CVE-2019-0135 | 2019-06-11 | 2019-06-11 |
| LEN-27841 | Intel Turbo Boost Max Technology 3.0 Discontinuation | CVE-2019-0164 | 2019-06-11 | 2019-06-11 |
| LEN-25655 | Brocade Network Advisor Vulnerabilities | CVE-2018-6444, CVE-2018-6445 | 2019-06-11 | 2019-06-11 |
| LEN-26332 | SPI Protected Range Registers Affected by S3 Sleep Mode | CVE-2019-6156 | 2019-04-04 | 2019-06-06 |
| LEN-24238 | AMI BIOS System Management Mode Vulnerability | 2018-11-29 | 2019-06-06 | |
| LEN-23611 | Intel DCI Policy Update | CVE-2018-3652 | 2018-11-29 | 2019-06-04 |
| LEN-25256 | Self-Encrypting Drive Vulnerabilities | CVE-2018-12037, CVE-2018-12038, CVE-2019-10636, CVE-2019-10705, CVE-2019-10706, CVE-2019-11686 | 2019-02-07 | 2019-05-20 |
| LEN-22233 | Bluetooth Pairing Key Validation | CVE-2018-5383 | 2018-07-23 | 2019-05-08 |
| LEN-26141 | XClarity Administrator (LXCA) Service Data May Include Proxy Credentials | CVE-2019-6158 | 2019-05-02 | 2019-05-02 |
| LEN-25086 | Intel RST Installer Vulnerability | CVE-2018-3635 | 2018-11-29 | 2019-04-30 |
| LEN-24426 | Multiple potential vulnerabilities in User Mode driver components of Intel Graphics Driver Unified Shader Compiler | CVE-2018-12152, CVE-2018-12153, CVE-2018-12154 | 2018-11-15 | 2019-04-25 |
| LEN-24816 | Firmware Denial of Service | 2019-02-07 | 2019-04-24 | |
| LEN-25667 | IMM2 FFDC includes Private Key | CVE-2019-6157 | 2019-04-19 | 2019-04-22 |
| LEN-23156 | Synaptics Touchpad Driver Leaks Kernel Memory Pointers | CVE-2018-15532 | 2019-01-24 | 2019-04-22 |
| LEN-25165 | SMI Handler Vulnerability in legacy IBM System x and IBM BladeCenter systems | CVE-2019-6155 | 2019-04-19 | 2019-04-19 |
| LEN-24799 | Intel Server Board Firmware Vulnerability | CVE-2018-12173 | 2019-04-18 | 2019-04-18 |
| LEN-26976 | Intel Matrix Storage Manager Discontinuation | CVE-2019-0121 | 2019-04-18 | 2019-04-18 |
| LEN-26626 | Intel SSD Firmware Denial of Service | CVE-2017-5695 | 2019-04-18 | 2019-04-18 |
| LEN-26771 | Default Privileged Account Vulnerability in the NetApp Service Processor | CVE-2019-5490 | 2019-04-18 | 2019-04-18 |
| LEN-25674 | Dynamic Power Reduction Utility Vulnerability | CVE-2019-6149 | 2019-03-14 | 2019-04-07 |
| LEN-25401 | Lenovo Bootable Generator Vulnerability | CVE-2019-6154 | 2019-04-04 | 2019-04-04 |
| LEN-25568 | Eaton Power Management Software Vulnerability | CVE 2018-12031 | 2019-02-07 | 2019-04-01 |
| LEN-23836 | Legacy Server BMC Remote Command Injection | CVE-2018-9086 | 2018-11-15 | 2019-04-01 |
| LEN-20510 | NVIDIA Graphics Driver Multiple Vulnerabilities | CVE-2018-6247, CVE-2018-6248, CVE-2018-6249, CVE-2018-6250, CVE-2018-6251, CVE-2018-6252, CVE-2018-6253 | 2018-04-12 | 2019-02-22 |
| LEN-21031 | Intel Q1’18 AMT 9.x/10.x/11.x Cumulative Update | CVE-2018-3628, CVE-2018-3629, CVE-2018-3632 | 2018-07-12 | 2019-02-13 |
| LEN-25425 | Intel Ready Mode Technology Discontinuation | CVE-2018-3698 | 2019-01-24 | 2019-01-24 |
| LEN-17125 | Bluetooth “BlueBorne” Vulnerabilities | CVE-2017-0781, CVE-2017-0782, CVE-2017-0783, CVE-2017-0785, CVE-2017-8628, CVE-2017-14315, CVE-2017-1000250, CVE-2017-1000251 | 2017-09-18 | 2019-01-23 |
| LEN-17420 | WPA2 Protocol Vulnerabilities | CVE-2017-5729, CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088 | 2017-10-17 | 2019-01-23 |
| LEN-16445 | System firmware Can Be Erased or Corrupted After Boot | CVE-2017-5703 | 2018-04-05 | 2019-01-17 |
| LEN-23849 | Firmware Authentication Bypass | 2019-01-10 | 2019-01-10 | |
| LEN-24798 | Intel® Storage NVMe and Rapid Storage Technology (RSTe) | CVE-2018-12131 | 2019-01-10 | 2019-01-10 |
| LEN-24239 | AMI Firmware Permits Microcode Downgrade | 2018-11-15 | 2019-01-07 | |
| LEN-20527 | BIOS Modules Unprotected by Intel Boot Guard Vulnerable to Physical Attack | CVE-2018-9062, CVE-2018-12169 | 2018-09-20 | 2018-12-21 |
| LEN-22678 | Power Management Controller (PMC) Security Vulnerability in Systems using specific Intel® CSME or SPS firmware versions | CVE-2018-3643 | 2018-09-20 | 2018-12-18 |
| LEN-22810 | Intel CSME / SPS and TXE Vulnerabilities | CVE-2018-3655, CVE-2018-3657, CVE-2018-3658, CVE-2018-3659, CVE-2018-3616 | 2018-09-20 | 2018-12-18 |
| LEN-23848 | Insecure Handling of BIOS and AMT Passwords in Intel Platform Sample Firmware | CVE-2017-5704 | 2018-09-20 | 2018-12-03 |
| LEN-23800 | Lenovo XClarity Integrator Vulnerabilities | CVE-2018-9072, CVE-2018-16093, CVE-2018-16097 | 2018-11-29 | 2018-11-29 |
| LEN-24765 | Brocade Fabric OS Advisory | CVE-2018-6433, CVE-2018-6434, CVE-2018-6435, CVE-2018-6436, CVE-2018-6437, CVE-2018-6438, CVE-2018-6439, CVE-2018-6440, CVE-2018-6441, CVE-2018-6442 | 2018-11-29 | 2018-11-29 |
| LEN-23806 | CMM Security Concerns | CVE-2018-9071, CVE-2018-9073 | 2018-11-15 | 2018-11-15 |
| LEN-24477 | Missing System x Flash Memory Write Protection Lock Bit | CVE-2018-9085 | 2018-11-15 | 2018-11-15 |
| LEN-24374 | System Management Module Vulnerabilities | CVE-2018-9083, CVE-2018-9084, CVE-2018-16089, CVE-2018-16090, CVE-2018-16091, CVE-2018-16092, CVE-2018-16094, CVE-2018-16095, CVE-2018-16096 | 2018-11-15 | 2018-11-15 |
| LEN-15570 | Intel Graphics Drivers Vulnerabilities | CVE-2017-5696, CVE-2017-5727, CVE-2017-5717, CVE-2017-5692 | 2018-02-08 | 2018-11-14 |
| LEN-18282 | Reading Privileged Memory with a Side Channel | CVE-2017-5753, CVE-2017-5715, CVE-2017-5754 | 2018-01-03 | 2018-10-25 |
| LEN-21284 | Intel Software Guard Extensions (SGX) Vulnerabilities | CVE-2017-5736, CVE-2018-3626, CVE-2018-3639, CVE-2018-3640, CVE-2018-3691 | 2018-07-12 | 2018-10-16 |
| LEN-15552 | RSA Keys Generated by Infineon TPMs are Insecure | CVE-2017-15361 | 2017-10-10 | 2018-10-08 |
| LEN-24497 | Lenovo Replacing Distrusted GeoTrust Certificates With New DigiCert Certificates | 2018-09-06 | 2018-10-04 | |
| LEN-24224 | Iomega and LenovoEMC NAS Web UI Vulnerabilities | CVE-2018-9074, CVE-2018-9075, CVE-2018-9076, CVE-2018-9077, CVE-2018-9078, CVE-2018-9079, CVE-2018-9080, CVE-2018-9081, CVE-2018-9082 | 2018-09-20 | 2018-09-28 |
| LEN-20184 | BIOS Write Protection Race Condition | CVE-2018-9069 | 2018-09-20 | 2018-09-20 |
| LEN-22881 | Whole Disk Encryption with Intel Optane Memory Modules | CVE-2018-3619 | 2018-08-30 | 2018-08-30 |
| LEN-24163 | L1 Terminal Fault Side Channel Vulnerabilities | CVE-2018-3615, CVE-2018-3620, CVE-2018-3646 | 2018-08-14 | 2018-08-20 |
| LEN-16730 | NVIDIA Graphics Driver Multiple Vulnerabilities (including fixes for Intel Speculative Side Channel Vulnerabilities) | CVE-2017-5753, CVE-2017-6266, CVE-2017-6267, CVE-2017-6268, CVE-2017-6269, CVE-2017-6270, CVE-2017-6271 | 2018-03-22 | 2018-08-10 |
| LEN-20227 | Integrated Management Module 2 (IMM2) First Failure Data Capture (FFDC) Information Disclosure | CVE-2018-9068 | 2018-07-26 | 2018-07-26 |
| LEN-22168 | XClarity Administrator (LXCA) API Vulnerabilities | CVE-2018-9064, CVE-2018-9065, CVE-2018-9066 | 2018-07-26 | 2018-07-26 |
| LEN-17297 | Intel ME 6.x/7.x/8.x/9.x/10.x/11.x, SPS 4.0, and TXE 3.0 Cumulative Security Update | CVE-2017-5705, CVE-2017-5706, CVE-2017-5707, CVE-2017-5708, CVE-2017-5709, CVE-2017-5710, CVE-2017-5711, CVE-2017-5712 | 2017-11-20 | 2018-07-25 |
| LEN-21032 | Intel® Management Engine 11.x issue | CVE-2018-3627 | 2018-07-12 | 2018-07-12 |
| LEN-22172 | Lenovo Smart Assistant Factory Test Mode | CVE-2018-9070 | 2018-07-12 | 2018-07-12 |
| LEN-21561 | Lenovo Help Android App Access Control | CVE-2018-9067 | 2018-07-12 | 2018-07-12 |
| LEN-19151 | Synaptics Keyboard & Touchpad Driver Running Arbitrary Code | 2017-12-21 | 2018-07-02 | |
| LEN-17237 | Broadcom WiFi Buffer Overflow Vulnerability | CVE-2017-11120, CVE-2017-11121 | 2018-02-08 | 2018-06-27 |
| LEN-19568 | Intel Active Management Technology MEBx Access Control Bypass | 2018-02-08 | 2018-06-08 | |
| LEN-21769 | Intel Online Connect NDIS Filter Driver Parameter Corruption | CVE-2018-3634 | 2018-05-31 | 2018-05-31 |
| LEN-15999 | Lenovo Fingerprint Manager Pro for Windows 7, 8, and 8.1 only (not 10) Insecure Credential Storage | CVE-2017-3762 | 2018-01-25 | 2018-05-30 |
| LEN-20241 | System x Secure Boot Vulnerability | CVE-2017-3775 | 2018-05-03 | 2018-05-03 |
| LEN-19625 | Buffer Overflow in Lenovo System Update Drive Mapping Utility | CVE-2018-9063 | 2018-05-03 | 2018-05-03 |
| LEN-18247 | OpenSLP Heap Memory Corruption | CVE-2017-17833 | 2018-04-19 | 2018-04-26 |
| LEN-20475 | Lenovo Help Mobile App Transmits Information over HTTP | CVE-2017-3776 | 2018-04-17 | 2018-04-17 |
| LEN-19586 | IMM2 Web Service Stack Overflow | CVE-2017-3774 | 2018-04-12 | 2018-04-12 |
| LEN-14695 | BIOS SMI Handler Input Validation Failures | CVE-2017-3753 | 2017-07-27 | 2018-04-10 |
| LEN-15184 | Intel SGX Update and Attestation Key Recovery | CVE-2017-5691 | 2017-07-27 | 2018-04-10 |
| LEN-18214 | Brocade Fabric OS Vulnerabilities | CVE-2017-6225, CVE-2017-6227 | 2018-03-15 | 2018-03-21 |
| LEN-15854 | NVIDIA GPU display driver contains multiple vulnerabilities in the kernel mode layer handler | CVE-2017-6251, CVE-2017-6252, CVE-2017-6253, CVE-2017-6254, CVE-2017-6255, CVE-2017-6256, CVE-2017-6257, CVE-2017-6258, CVE-2017-6259, CVE-2017-6260 | 2017-09-21 | 2018-03-11 |
| LEN-14587 | NVIDIA GPU Display driver contains multiple vulnerabilities in the kernel mode layer handler | CVE-2017-0341, CVE-2017-0342, CVE-2017-0343, CVE-2017-0344, CVE-2017-0345, CVE-2017-0346, CVE-2017-0347, CVE-2017-0348, CVE-2017-0349, CVE-2017-0350, CVE-2017-0351, CVE-2017-0352, CVE-2017-0353, CVE-2017-0354, CVE-2017-0355 | 2017-07-27 | 2018-03-11 |
| LEN-16095 | Enterprise Networking Operating System (ENOS) Authentication Bypass in Lenovo and IBM RackSwitch and BladeCenter Products | CVE-2017-3765 | 2018-01-09 | 2018-02-22 |
| LEN-14963 | Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability Remote Privilege Escalation | CVE-2017-5689 | 2017-05-02 | 2018-02-21 |
| LEN-18507 | Synaptics Keyboard Driver Unprotected Debug Mode | CVE-2017-17556 | 2017-12-21 | 2018-02-20 |
| LEN-12057 | NVIDIA Windows GPU Driver Privilege Escalation or Denial of Service | CVE-2016-8821, CVE-2016-8822, CVE-2016-8823, CVE-2016-8824, CVE-2016-8825, CVE-2016-8826, CVE-2016-3161, CVE-2016-5852, CVE-2016-4960, CVE-2016-4961 | 2017-04-27 | 2018-02-06 |
| LEN-3556 | USB provisioning may be allowed when Intel AMT is disabled | 2016-09-23 | 2018-02-04 | |
| LEN-14450 | IMM2 Denial of Service Attack by an Unprivileged User | CVE-2017-3768 | 2018-01-25 | 2018-01-25 |
| LEN-15759 | Local Privilege Escalation in Realtek Audio Driver | CVE-2017-3767 | 2017-01-09 | 2018-01-14 |
| LEN-12704 | Privilege Escalation in Dolby DAX2API Service | CVE-2017-7293 | 2017-04-27 | 2018-01-14 |
| LEN-17904 | Lenovo XClarity Controller (XCC) Risk of Low Entropy | 2017-12-16 | 2017-12-16 | |
| LEN-16335 | LXCA User Account Names Exposed To Unauthenticated Users Who Can Access the Web User Interface | CVE-2017-3764 | 2017-11-30 | 2017-11-30 |
| LEN-18236 | Vulnerability in Service Assistance GUI for Lenovo Storage and Storwize Products | CVE-2017-1710 | 2017-11-30 | 2017-11-30 |
| LEN-15815 | Local Privilege Escalation in Huawei ME906s 4G LTE Mobile Broadband Driver | CVE-2017-8185 | 2017-11-09 | 2017-11-09 |
| LEN-17538 | Lenovo StorSelect DX8200C glibc, Linux Kernel and Cloudian Management Console Vulnerabilities | 2017-10-26 | 2017-10-26 | |
| LEN-17417 | LEN-17417 - Secure BIOS/UEFI Set-up Incomplete in Lenovo E95 and ThinkCentre M710s/M710t | CVE-2017-3771 | 2017-10-26 | 2017-10-26 |
| LEN-15374 | Lenovo Android Tablet and Lenovo VIBE, Moto, and ZUK Mobile Phone Remote Code Execution Vulnerability | CVE-2017-3758, CVE-2017-3759, CVE-2017-3760, CVE-2017-3761 | 2017-10-05 | 2017-10-17 |
| LEN-16333 | Attacker with Access to LXCA Filesystem Could Access Local LXCA Account Credentials and LXCA Authenticated Command Injection | CVE-2017-3763, CVE-2017-3770 | 2017-09-21 | 2017-09-21 |
| LEN-15217 | Locked Data on Intel 5400s and 6000p Solid State Drives Could be Corrupted by Malware | 2017-08-24 | 2017-08-24 | |
| LEN-9896 | ThinkPad USB 3.0 Ethernet Adapter Driver Privilege Escalation | CVE-2017-3746 | 2017-08-24 | 2017-08-24 |
| LEN-14390 | Unquoted Service Path Privilege Escalation in ElanTech Touchpad Driver | CVE-2017-3757 | 2017-08-24 | 2017-08-24 |
| LEN-15765 | Unquoted Service Path Privilege Escalation in ThinkPad Active Protection System | CVE-2017-3756 | 2017-08-10 | 2017-08-10 |
| LEN-14054 | Login information processed by the IMM2 may be exposed to local IMM2 users | CVE-2017-3744 | 2017-06-08 | 2017-08-07 |
| LEN-14078 | Industry-wide OSPF routing vulnerability on Lenovo and IBM Networking Switches | CVE-2017-3752 | 2017-07-27 | 2017-07-27 |
| LEN-15061 | ThinkPad Compact USB Keyboard with TrackPoint Driver Unquoted Service Path | CVE-2017-3751 | 2017-07-27 | 2017-07-27 |
| LEN-14246 | Intel® PROSet/Wireless Software Denial of Service | CVE-2016-8104 | 2017-06-22 | 2017-07-25 |
| LEN-14398 | Lenovo Connect2 Ad-hoc Wifi Network Key Stored in User-readable Location | CVE-2017-3742 | 2017-07-13 | 2017-07-13 |
| LEN-15084 | Some Lenovo Brand Notebooks Do Not Have BIOS Write Protection Configured | CVE-2017-3754 | 2017-07-13 | 2017-07-13 |
| LEN-12739 | Sierra Wireless WAN Driver Privilege Escalation | 2017-07-13 | 2017-07-13 | |
| LEN-15823 | Local Root Exploit on Lenovo VIBE Mobile Phones | CVE-2017-3748, CVE-2017-3749, CVE-2017-3750 | 2017-06-22 | 2017-06-28 |
| LEN-14005 | Intel AMT Clickjacking Vulnerability | CVE-2017-5697 | 2017-06-22 | 2017-06-22 |
| LEN-15046 | Lenovo Nerve Center for Desktops Privilege Escalation | CVE-2017-3747 | 2017-06-22 | 2017-06-22 |
| LEN-10810 | Credentials sent through the Lenovo ToolsCenter may be exposed to local users | CVE-2017-3743 | 2017-06-08 | 2017-06-08 |
| LEN-15183 | Lenovo StorSelect DX8200C HyperStore Use-after-free in the IPv6 implementation of the DCCP protocol in the Linux kernel | CVE-2017-6074 | 2017-06-08 | 2017-06-08 |
| LEN-14200 | Apache Struts Open Source Framework Remote Code Execution | CVE-2017-5638 | 2017-03-27 | 2017-06-08 |
| LEN-13671 | Lenovo XClarity Administrator Credential Disclosure | CVE-2017-3745 | 2017-06-08 | 2017-06-08 |
| LEN-14794 | Brocade Fibre Channel SAN Privilege Escalation | CVE-2016-8202 | 2017-05-11 | 2017-06-07 |
| LEN-10149 | Lenovo Service Bridge Contains Privilege Escalation and Other Vulnerabilities | CVE-2016-8228, CVE-2016-8229, CVE-2016-8230, CVE-2016-8231 | 2017-05-12 | 2017-05-12 |
| LEN-14440 | Local User Can Alter Trackpoint Functionality in Lenovo Power Management Driver | CVE-2017-3741 | 2017-04-27 | 2017-04-27 |
| LEN-10962 | NVIDIA Linux GPU Display Driver Contains Missing Permissions Check and Improper Validation Vulnerabilities | CVE-2016-7382, CVE-2016-7389 | 2017-04-27 | 2017-04-27 |
| LEN-14957 | IBM Storwize for Lenovo Initialization USB Drives Contain Malware | 2017-04-27 | 2017-04-27 | |
| LEN-13637 | Lenovo Active Protection System Privilege Escalation | CVE-2017-3740 | 2017-04-27 | 2017-04-27 |
| LEN-13640 | Intel Direct Connect Interface Can Be Enabled | CVE-2017-5684 | 2017-04-06 | 2017-04-12 |
| LEN-8313 | Lenovo Updates Remote Code Execution | CVE-2016-8237 | 2017-04-06 | 2017-04-06 |
| LEN-11340 | Privilege Escalation Vulnerability in Lenovo CCSDK | CVE-2016-8235 | 2017-03-30 | 2017-03-30 |
| LEN-11158 | Intel® Wireless Bluetooth® Driver Unquoted Service Path | CVE-2016-8102 | 2016-12-15 | 2017-03-10 |
| LEN-7484 | Local Privilege Escalation or Denial of Service via the Intel® Graphics Driver | CVE-2016-5647 | 2016-09-29 | 2017-03-10 |
| LEN-10822 | NVidia Windows GPU Display Driver Contains Multiple Vulnerabilities in the Kernel Mode Layer | CVE-2016-8805, CVE-2016-8806, CVE-2016-8807, CVE-2016-8808, CVE-2016-8809. CVE-2016-8810, CVE-2016-8811, CVE-2016-7391, CVE-2016-7387, CVE-2016-7385, CVE-2016-7390, CVE-2016-7384, CVE-2016-7388, CVE-2016-7381, CVE-2016-7383, CVE-2016-7382, CVE-2016-7386, CVE-2016-8812, CVE-2016-8813, CVE-2016-8814, CVE-2016-8815, CVE-2016-8816, CVE-2016-8817, CVE-2016-8818, CVE-2016-8819, CVE-2016-8820 | 2017-01-12 | 2017-03-10 |
| LEN-9334 | Denial of Service Vulnerabilities in NVidia® Drivers that affect Quadro, NVS and GeForce Windows-based Systems | 2016-09-29 | 2017-03-10 | |
| LEN-11635 | Credential disclosure in LXCA log files | CVE-2016-8233 | 2017-02-02 | 2017-02-02 |
| LEN-5700 | DOM-Based Cross-Site Scripting Vulnerability in the Advanced Management Module (AMM) | CVE-2016-8232 | 2017-01-26 | 2017-01-26 |
| LEN-12029 | Intel® Ethernet Controller X710/XL710 NVM Denial of Service Vulnerability | CVE-2016-8106 | 2017-01-12 | 2017-01-24 |
| LEN-12508 | Privilege Escalation Vulnerability in Lenovo Transition Application | CVE-2016-8227 | 2016-12-29 | 2016-12-29 |
| LEN-7908 | Maliciously crafted packet sent during PXE boot can cause system hang | 2016-12-15 | 2016-12-21 | |
| LEN-11588 | Lenovo Edge (Slim/Low Profile) USB Keyboard Driver Local Privilege Escalation | CVE-2016-8225 | 2016-12-15 | 2016-12-15 |
| LEN-9307 | Some ThinkServer systems may be reset to default configurations during prolonged broadcast storm | CVE-2016-8236 | 2016-12-15 | 2016-12-15 |
| LEN-11306 | Denial of service attack on Lenovo System X M5, M6, and X6 systems | CVE-2016-8226 | 2016-12-15 | 2016-12-15 |
| LEN-8584 | Microsoft Windows 10 Virtualization-Based Security Bypass | 2016-12-15 | 2016-12-15 | |
| LEN-8324 | System Management Mode (SMM) BIOS Vulnerability | 2016-06-30 | 2016-11-29 | |
| LEN-9903 | Intel Management Engine protection not set on some Lenovo Notebook and ThinkServer systems | CVE-2016-8224 | 2016-11-17 | 2016-11-29 |
| LEN-8327 | Microsoft Device Guard protection bypass | CVE-2016-8222 | 2016-11-27 | 2016-11-27 |
| LEN-9458 | Data on Toshiba Solid State Drives may be recoverable after running the BIOS Secure Erase Function or the ThinkPad Drive Erase Utility | 2016-11-10 | 2016-11-10 | |
| LEN-10617 | Inherent Risks of Using the Intelligent Platform Management Interface (IPMI) on the Lenovo System x Integrated Management Module (IMM), Integrated Management Module II (IMM2) and ThinkServer TSM | CVE-2013-4031, CVE-2013-4037 | 2016-10-13 | 2016-10-13 |
| LEN-10605 | Temporary Lenovo XClarity Administrator (LXCA) credentials may be exposed | 2016-10-13 | 2016-10-13 | |
| LEN-4710 | AMI BIOS SMM Code Execution Vulnerability | 2016-05-30 | 2016-09-28 | |
| LEN-5551 | NVIDIA GPU Kernel Driver Escape | 2016-03-22 | 2016-09-21 | |
| LEN-7806 | Certain BIOS versions may include an AMI Test Key that could compromise Secure Boot protections | 2016-08-25 | 2016-08-29 | |
| LEN-4901 | BIOS EFI Driver SMM Code Execution Vulnerability | 2016-06-23 | 2016-08-13 | |
| LEN-3313 | Memory corruption due to an unsanitized pointer in the NVIDIA display driver | 2016-09-29 | 2016-08-13 | |
| LEN-4603 | Security Losses from Obsolete and Truncated Transcript Hashes (SLOTH) | 2016-04-04 | 2016-08-13 | |
| LEN-4884 | Dolby Audio X2 (DAX2) privilege escalation | 2016-02-05 | 2016-08-03 | |
| LEN-7267 | Lenovo Ultraslim Keyboard Keystroke Injection | CVE-2016-6257 | 2016-07-28 | 2016-07-28 |
| LEN-5595 | Data on SanDisk Solid State Drives may be recoverable after running the BIOS Secure Erase Function or the ThinkPad Drive Erase Utility | 2016-07-21 | 2016-07-27 | |
| LEN-7145 | Lenovo XClarity Administrator (LXCA) Local Privilege Escalation | 2016-07-21 | 2016-07-21 | |
| LEN-6022 | Potential vulnerability in Intel® SSD Data Center Family for SATA | 2016-07-21 | 2016-07-21 | |
| LEN-7814 | Lenovo Solution Center Arbitrary Process Termination or Code Execution by Unprivileged Local Users | 2016-06-23 | 2016-07-11 | |
| LEN-7805 | Attackers with physical access to Lenovo RackSwitches may be able to upload unsigned firmware | 2016-06-16 | 2016-06-16 | |
| LEN-6718 | Lenovo Accelerator Application Insecure Update Mechanism | 2016-05-31 | 2016-06-13 | |
| LEN-2015-049 | Intel releases fix for sleep mode configuration bypass | 2015-09-08 | 2016-05-30 | |
| LEN-2015-002 | SMM "Incursion" Attack | 2015-04-10 | 2016-05-30 | |
| LEN-6421 | SHAREit for Android Vulnerabilities | 2016-05-19 | 2016-05-20 | |
| LEN-5519 | Lenovo System Update Privilege Escalation | 2016-05-19 | 2016-05-19 | |
| LEN-3837 | SMRAM data may be viewed on ThinkPad systems | 2015-04-20 | 2016-05-06 | |
| LEN-2015-020 | Lenovo Service Engine (LSE) BIOS for Notebook | 2015-07-31 | 2016-04-27 | |
| LEN-6027 | Memory Leakage and Denial of Service Vulnerabilities Identified in Power Manager, Lenovo Settings Dependency Package and ThinkPad Settings Dependency | 2016-04-26 | 2016-04-26 | |
| LEN-4326 | Privilege Escalation Vulnerabilities within Lenovo Solution Center | 2015-12-03 | 2016-04-26 | |
| LEN-4058 | SHAREit for Windows and Android Vulnerabilities | 2016-01-25 | 2016-04-11 | |
| LEN-4281 | Fingerprint Validity Driver and Synaptics Fingerprint Driver Information Disclosure | 2016-03-22 | 2016-03-22 | |
| LEN-4282 | Lenovo Fingerprint Manager and Lenovo Touch Fingerprint Software Privilege Escalation | 2016-03-22 | 2016-03-22 | |
| LEN-5524 | ThinkCentre Hard Disk Password Bypass | 2016-03-16 | 2016-03-16 | |
| LEN-3846 | Information about LenovoEMC devices may be disclosed if the device has an Internet-accessible management interface | 2016-03-10 | 2016-03-10 | |
| LEN-4292 | Lenovo 500 Wireless Keyboard Keystroke Injection | 2016-02-23 | 2016-02-24 | |
| LEN-2015-082 | TPM "nvLocked" Permanent Flag may not be set | 2015-09-23 | 2016-02-06 | |
| LEN-10150 | Lenovo System Interface Foundation Privilege Escalation | CVE-2016-8223 | 2016-11-17 | 2016-01-17 |
| LEN-2537 | Privilege Escalation and Denial of Service Vulnerabilities in System X IMM2 | 2015-12-31 | 2015-12-31 | |
| LEN-3748 | Intel Processor Memory Sinkhole Vulnerability | 2015-09-10 | 2015-11-19 | |
| LEN-2015-011 | Lenovo System Update Privilege Escalation | 2015-04-14 | 2015-11-19 | |
| LEN-2910 | Accessing data on Self-Encrypting drives while a system is in sleep state | 2015-11-12 | 2015-11-12 | |
| LEN-2015-074 | Privilege escalation vulnerabilities in IBM System Networking Switch Center and Lenovo Switch Center | 2015-11-05 | 2015-11-05 | |
| LEN-3044 | Vulnerabilities in VeriFace and VeriFace Pro software | 2015-10-22 | 2015-10-22 | |
| LEN-2014-007 | SSLv3 Vulnerability | 2014-12-24 | 2015-09-28 | |
| LEN-2015-009 | Row Hammer Privilege Escalation | 2015-03-13 | 2015-09-15 | |
| LEN-2015-066 | Lenovo Mouse Suite Escalation of Privileges | 2015-08-19 | 2015-08-19 | |
| LEN-2015-033 | Access Connection Privilege Escalation | 2015-08-14 | 2015-08-14 | |
| LEN 2015-077 | Lenovo Service Engine (LSE) BIOS for Desktop | 2015-07-31 | 2015-07-31 | |
| LEN 2015-075 | QEMU i8254 PIT Emulation Bug | 2015-07-21 | 2015-07-21 | |
| LEN-2015-046 | Venom | 2015-07-20 | 2015-07-21 | |
| LEN-2015-008 | NVIDIA Windows Privilege Delegation Escalation | 2015-03-03 | 2015-07-15 | |
| LEN-2015-007 | GNU C Library (glibc) __nss_hostname_digits_dots() function vulnerable to buffer overflow (“GHOST”) | 2015-02-16 | 2015-06-29 | |
| LEN-2015-001 | Intel BIOS locking mechanism contains race condition that enables write protection bypass | 2015-04-10 | 2015-06-25 | |
| LEN-2014-006 | S3 Boot Script Protection | 2015-01-16 | 2015-06-25 | |
| LEN-2015-016 | Samba Remote Code Execution Vulnerability | 2015-04-03 | 2015-06-06 | |
| LEN-2015-017 | Lenovo Fingerprint Manager | 2015-05-08 | 2015-05-27 | |
| LEN-2014-009 | Overflow in UEFI Variable Reclaim Function | 2015-01-16 | 2015-05-17 | |
| LEN-2015-018 | ThinkServer *50-series BIOS Password Encryption Weakness | 2015-03-24 | 2015-05-05 | |
| LEN-2015-024 | Multiple ThinkServer System Manager (TSM) *50-series Security Weaknesses | 2015-03-24 | 2015-05-05 | |
| LEN-2015-015 | USB Enhanced Performance Keyboard | 2015-03-04 | 2015-05-05 | |
| LEN-2014-001 | UEFI EDK2 Capsule Update vulnerabilities | 2014-09-27 | 2015-04-14 | |
| LEN-2014-002 | Unauthorized modification of UEFI variables in UEFI systems | 2014-09-27 | 2015-04-14 | |
| LEN-2015-010 | Superfish Vulnerability | 2015-02-20 | 2015-03-17 | |
| LEN-2014-003 | GNU Bourne Again Shell (BASH) "Shellshock" | 2014-10-22 | 2014-12-09 |
Was this information helpful?
Your feedback helps to improve the overall experience
Alias Id:PSARCHIVE
Document ID:PS500002
Original Publish Date:06/08/2016
Last Modified Date:12/10/2024
