Vulnerabilities > Asus
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-12-20 | CVE-2019-15912 | Improper Input Validation vulnerability in Asus products An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. | 5.0 |
2019-12-20 | CVE-2019-15911 | Cleartext Transmission of Sensitive Information vulnerability in Asus products An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. | 7.5 |
2019-12-20 | CVE-2019-15910 | Improper Input Validation vulnerability in Asus products An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. | 5.0 |
2019-12-18 | CVE-2019-19235 | Improper Input Validation vulnerability in Asus ATK Package AsLdrSrv.exe in ASUS ATK Package before V1.0.0061 (for Windows 10 notebook PCs) could lead to unsigned code execution with no additional execution. | 6.9 |
2019-11-21 | CVE-2018-8879 | Out-of-bounds Write vulnerability in Asus Rt-Ac66U Firmware Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to execute arbitrary code by providing a long string to the blocking.asp page via a GET or POST request. | 7.5 |
2019-11-14 | CVE-2019-15419 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Asus X105D Firmware The Asus ASUS_X015_1 Android device with a build fingerprint of asus/CN_X015/ASUS_X015_1:7.0/NRD90M/CN_X015-14.00.1709.35-20171215:user/release-keys contains a pre-installed app with a package name of com.lovelyfont.defcontainer app (versionCode=5, versionName=5.0.1) that allows unauthorized command execution via a confused deputy attack. | 7.2 |
2019-11-14 | CVE-2019-15418 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Asus Pegasus 4 MAX Firmware and Pegasus 4A Firmware The Asus ASUS_X00K_1 Android device with a build fingerprint of asus/CN_X00K/ASUS_X00K_1:7.0/NRD90M/CN_X00K-14.01.1711.27-20180420:user/release-keys contains a pre-installed app with a package name of com.lovelyfont.defcontainer app (versionCode=5, versionName=5.0.1) that allows unauthorized command execution via a confused deputy attack. | 7.2 |
2019-11-14 | CVE-2019-15414 | Unspecified vulnerability in Asus Zenfone AR Firmware The Asus ZenFone AR Android device with a build fingerprint of asus/WW_ASUS_A002/ASUS_A002:7.0/NRD90M/14.1600.1805.51-20180626:user/release-keys contains a pre-installed app with a package name of com.asus.splendidcommandagent app (versionCode=1510200105, versionName=1.2.0.21_180605) that allows other pre-installed apps to perform command execution via an accessible app component. | 7.2 |
2019-11-14 | CVE-2019-15413 | Unspecified vulnerability in Asus Zenfone 3 Ultra Firmware The Asus ZenFone 3 Ultra Android device with a build fingerprint of asus/WW_Phone/ASUS_A001:7.0/NRD90M/14.1010.1804.75-20180612:user/release-keys contains a pre-installed app with a package name of com.asus.splendidcommandagent app (versionCode=1510200105, versionName=1.2.0.21_180605) that allows other pre-installed apps to perform command execution via an accessible app component. | 7.2 |
2019-11-14 | CVE-2019-15412 | Unspecified vulnerability in Asus Zenfone 4 Selfie Firmware The Asus ZenFone 4 Selfie Android device with a build fingerprint of asus/WW_Z01M/ASUS_Z01M_1:7.1.1/NMF26F/WW_71.50.395.57_20180913:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app (versionCode=1570000020, versionName=7.0.0.4_170901) that allows other pre-installed apps to perform command execution via an accessible app component. | 4.6 |