This page lists publicly disclosed CVE vulnerabilities affecting lenovo thinkserver_rd650_firmware (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-40137 | A buffer overflow in the WMI SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to execute arbitrary code. | [email protected] | 6.7 | 0.23% | 2023-01-30 | 2026-06-17 |
| CVE-2022-40134 | An information leak vulnerability in the SMI Set BIOS Password SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory. | [email protected] | 4.4 | 0.20% | 2023-01-30 | 2026-06-17 |
| CVE-2017-17833 | OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability. | [email protected] | 9.8 | 3.89% | 2018-04-23 | 2026-06-16 |
| CVE-2015-3322 | Lenovo ThinkServer RD350, RD450, RD550, RD650, and TD350 servers before 1.26.0 use weak encryption to store (1) user and (2) administrator BIOS passwords, which allows attackers to decrypt the passwords via unspecified vectors. | [email protected] | 5.0 | 0.71% | 2015-04-16 | 2026-06-16 |