Summary
Detail | |||
---|---|---|---|
Vendor | Lenovo | First view | 2023-11-08 |
Product | Legion t5 26Iab7 Firmware | Last view | 2023-11-08 |
Version | Type | Os | |
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
CPE Name | Affected CVE |
---|---|
cpe:2.3:o:lenovo:legion_t5_26iab7_firmware:*:*:*:*:*:*:*:* | 15 |
Related : CVE
Date | Alert | Description | |
---|---|---|---|
6.7 | 2023-11-08 | CVE-2023-43581 | A buffer overflow was reported in the Update_WMI module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. |
6.7 | 2023-11-08 | CVE-2023-43580 | A buffer overflow was reported in the SmuV11DxeVMR module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. |
6.7 | 2023-11-08 | CVE-2023-43579 | A buffer overflow was reported in the SmuV11Dxe driver in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. |
6.7 | 2023-11-08 | CVE-2023-43578 | A buffer overflow was reported in the SmiFlash module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. |
6.7 | 2023-11-08 | CVE-2023-43577 | A buffer overflow was reported in the ReFlash module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. |
6.7 | 2023-11-08 | CVE-2023-43576 | A buffer overflow was reported in the WMISwSmi module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. |
6.7 | 2023-11-08 | CVE-2023-43575 | A buffer overflow was reported in the UltraFunctionTable module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. |
4.4 | 2023-11-08 | CVE-2023-43574 | A buffer over-read was reported in the LEMALLDriversConnectedEventHook module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive information. |
6.7 | 2023-11-08 | CVE-2023-43573 | A buffer overflow was reported in the LEMALLDriversConnectedEventHook module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. |
4.4 | 2023-11-08 | CVE-2023-43572 | A buffer over-read was reported in the BiosExtensionLoader module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive information. |
6.7 | 2023-11-08 | CVE-2023-43571 | A buffer overflow was reported in the BiosExtensionLoader module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. |
6.7 | 2023-11-08 | CVE-2023-43570 | A potential vulnerability was reported in the SMI callback function of the OemSmi driver that may allow a local attacker with elevated permissions to execute arbitrary code. |
6.7 | 2023-11-08 | CVE-2023-43569 | A buffer overflow was reported in the OemSmi module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. |
4.4 | 2023-11-08 | CVE-2023-43568 | A buffer over-read was reported in the LemSecureBootForceKey module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive information. |
6.7 | 2023-11-08 | CVE-2023-43567 | A buffer overflow was reported in the LemSecureBootForceKey module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
73% (11) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
13% (2) | CWE-125 | Out-of-bounds Read |
6% (1) | CWE-126 | Buffer Over-read |
6% (1) | CWE-20 | Improper Input Validation |