Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

7.2

HIGH

CVE-2020-8337

An unquoted search path vulnerability was reported in versions prior to 1.0.83.0 of the Synaptics Smart Audio UWP app associated with the DCHU audio drivers on Lenovo platforms that could allow an administrative user to execute arbitrary code....

Affected Products : thinkpad_11e thinkpad_e480 thinkpad_e580 thinkpad_l380 thinkpad_l380_yoga thinkpad_l480 thinkpad_l580 thinkpad_t470p thinkpad_x270 thinkpad_x380_yoga +73 more products
Published: Jun. 09, 2020

Modified: Nov. 21, 2024
6.8

MEDIUM

CVE-2020-8336

Lenovo implemented Intel CSME Anti-rollback ARB protections on some ThinkPad models to prevent roll back of CSME Firmware in flash....

Affected Products : thinkpad_e490s_firmware thinkpad_s3_firmware thinkpad_e490_firmware thinkpad_e590_firmware thinkpad_r490_firmware thinkpad_r590_firmware thinkpad_l390_yoga_firmware thinkpad_s2_yoga_4th_gen_firmware thinkpad_l490_firmware thinkpad_l590_firmware +66 more products
Published: Jun. 09, 2020

Modified: Nov. 21, 2024
6.8

MEDIUM

CVE-2020-8335

The BIOS tamper detection mechanism was not triggered in Lenovo ThinkPad A285, BIOS versions up to r0xuj70w; A485, BIOS versions up to r0wuj65w; T495 BIOS versions up to r12uj55w; T495s/X395, BIOS versions up to r13uj47w, while the emergency-reset button ...

Affected Products : thinkpad_a275_firmware thinkpad_a475_firmware thinkpad_a285_firmware thinkpad_a485_firmware thinkpad_x395_firmware thinkpad_x1_carbon_\(20bx\)_firmware thinkpad_t495_drift_firmware thinkpad_t495s_jazz_firmware thinkpad_a275 thinkpad_a475 +6 more products
Published: Sep. 01, 2020

Modified: Nov. 21, 2024
6.8

MEDIUM

CVE-2020-8334

The BIOS tamper detection mechanism was not triggered in Lenovo ThinkPad T495s, X395, T495, A485, A285, A475, A275 which may allow for unauthorized access....

Affected Products : thinkpad_a275_firmware thinkpad_a475_firmware thinkpad_a285_firmware thinkpad_a485_firmware thinkpad_x395_firmware thinkpad_t495_firmware thinkpad_t495s_firmware thinkpad_a275 thinkpad_a475 thinkpad_a285 +4 more products
Published: Jun. 09, 2020

Modified: Nov. 21, 2024
7.8

HIGH

CVE-2020-8333

A potential vulnerability in the SMI callback function used in the EEPROM driver in some Lenovo Desktops and ThinkStation models may allow arbitrary code execution...

Affected Products : m4500_firmware qitian_4500_firmware qitian_b4550_firmware qitian_m4550_firmware thinkcentre_e73s_firmware thinkcentre_m4500k_firmware thinkcentre_m4500q_firmware thinkcentre_m4500t_firmware thinkcentre_m4500s_firmware yangtian_afh81_firmware +45 more products
Published: Sep. 24, 2020

Modified: Nov. 21, 2024
6.9

MEDIUM

CVE-2020-8332

A potential vulnerability in the SMI callback function used in the legacy BIOS mode USB drivers in some legacy Lenovo and IBM System x servers may allow arbitrary code execution. Servers operating in UEFI mode are not affected....

Affected Products : system_x3750_m4_firmware bladecenter_hs23_firmware bladecenter_hs23e_firmware compute_node-x440_firmware flex_system_x220_firmware flex_system_x240_firmware flex_system_x440_firmware nextscale_nx360_m4_firmware system_x3300_m4_firmware system_x3500_m4_firmware +26 more products
Published: Oct. 14, 2020

Modified: Nov. 21, 2024
7.8

HIGH

CVE-2020-8330

A denial of service vulnerability was reported in the firmware prior to version 1.01 used in Lenovo Printer LJ4010DN that could be triggered by a remote user sending a crafted packet to the device, preventing subsequent print jobs until the printer is reb...

Affected Products : lj4010dn_firmware lj6700dn_firmware m8960dnf_firmware lj4010dn lj6700dn m8960dnf
Published: May. 28, 2020

Modified: Nov. 21, 2024
7.8

HIGH

CVE-2020-8329

A denial of service vulnerability was reported in the firmware prior to version 1.01 used in Lenovo Printer LJ4010DN that could be triggered by a remote user sending a crafted packet to the device, causing an error to be displayed and preventing printer f...

Affected Products : lj4010dn_firmware lj6700dn_firmware m8960dnf_firmware lj4010dn lj6700dn m8960dnf
Published: May. 28, 2020

Modified: Nov. 21, 2024
7.8

HIGH

CVE-2020-8327

A privilege escalation vulnerability was reported in LenovoBatteryGaugePackage for Lenovo System Interface Foundation bundled in Lenovo Vantage prior to version 10.2003.10.0 that could allow an authenticated user to execute code with elevated privileges....

Affected Products : vantage
Published: Apr. 14, 2020

Modified: Nov. 21, 2024
7.8

HIGH

CVE-2020-8326

An unquoted service path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges....

Affected Products : drivers_management
Published: Jul. 24, 2020

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2020-8324

A vulnerability was reported in LenovoAppScenarioPluginSystem for Lenovo System Interface Foundation prior to version 1.2.184.31 that could allow unsigned DLL files to be executed....

Affected Products : system_interface_foundation
Published: Apr. 14, 2020

Modified: Nov. 21, 2024
6.7

MEDIUM

CVE-2020-8323

A potential vulnerability in the SMI callback function used in the Legacy SD driver in some Lenovo ThinkPad, ThinkStation, and Lenovo Notebook models may allow arbitrary code execution....

Affected Products : e42-80_firmware e52-80_firmware miix_720-12ikb_firmware thinkpad_l380_firmware thinkpad_e480_firmware thinkpad_e580_firmware thinkpad_l480_firmware thinkpad_l580_firmware thinkpad_p51_firmware thinkpad_p51s_firmware +334 more products
Published: Jun. 09, 2020

Modified: Nov. 21, 2024
6.7

MEDIUM

CVE-2020-8322

A potential vulnerability in the SMI callback function used in the Legacy USB driver in some Lenovo Notebook and ThinkStation models may allow arbitrary code execution....

Affected Products : e42-80_firmware e52-80_firmware miix_720-12ikb_firmware s145-14api_firmware s145-14ast_firmware s145-15api_firmware s145-15ast_firmware s540-13api_firmware v130-15ikb_firmware v330-15igm_firmware +92 more products
Published: Jun. 09, 2020

Modified: Nov. 21, 2024
6.7

MEDIUM

CVE-2020-8321

A potential vulnerability in the SMI callback function used in the System Lock Preinstallation driver in some Lenovo Notebook and ThinkStation models may allow arbitrary code execution....

Affected Products : thinkstation_p520_firmware thinkstation_p520c_firmware thinkstation_p720_firmware thinkstation_p920_firmware 330-14igm_firmware 330-15igm_firmware thinkstation_p410_firmware thinkstation_p500_firmware thinkstation_p510_firmware thinkstation_p700_firmware +334 more products
Published: Jun. 09, 2020

Modified: Nov. 21, 2024
6.8

MEDIUM

CVE-2020-8320

An internal shell was included in BIOS image in some ThinkPad models that could allow escalation of privilege....

Affected Products : thinkpad_l380_firmware thinkpad_e480_firmware thinkpad_e580_firmware thinkpad_l480_firmware thinkpad_l580_firmware thinkpad_p51_firmware thinkpad_p51s_firmware thinkpad_p52_firmware thinkpad_p52s_firmware thinkpad_p71_firmware +190 more products
Published: Jun. 09, 2020

Modified: Nov. 21, 2024
7.8

HIGH

CVE-2020-8319

A privilege escalation vulnerability was reported in Lenovo System Interface Foundation prior to version 1.1.19.3 that could allow an authenticated user to execute code with elevated privileges....

Affected Products : system_interface_foundation
Published: Apr. 14, 2020

Modified: Nov. 21, 2024
7.8

HIGH

CVE-2020-8318

A privilege escalation vulnerability was reported in the LenovoSystemUpdatePlugin for Lenovo System Interface Foundation prior to version that could allow an authenticated user to execute code with elevated privileges....

Affected Products : system_interface_foundation
Published: Apr. 14, 2020

Modified: Nov. 21, 2024
7.8

HIGH

CVE-2020-8317

A DLL search path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges....

Affected Products : drivers_management
Published: Jul. 24, 2020

Modified: Nov. 21, 2024
4.4

MEDIUM

CVE-2020-8316

A vulnerability was reported in Lenovo Vantage prior to version 10.2003.10.0 that could allow an authenticated user to read files on the system with elevated privileges....

Affected Products : vantage
Published: Apr. 14, 2020

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2020-8315

In Python (CPython) 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1, an insecure dependency load upon launch on Windows 7 may result in an attacker's copy of api-ms-win-core-path-l1-1-0.dll being loaded and used instead of the system's copy. ...

Affected Products : python
Published: Jan. 28, 2020

Modified: Nov. 21, 2024

Showing 20 of 294853 Results

Browse by Apps

Latest CVE Feed

7.2

6.8

6.8

6.8

7.8

6.9

7.8

7.8

7.8

7.8

5.5

6.7

6.7

6.7

6.8

7.8

7.8

7.8

4.4

5.5

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable