Vulnerabilities > LG
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-20 | CVE-2024-6177 | Cross-site Scripting vulnerability in LG Supersign CMS Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in LG Electronics SuperSign CMS allows Reflected XSS. This issue affects SuperSign CMS: from 4.1.3 before < 4.3.1. | 6.1 |
| 2024-06-20 | CVE-2024-6178 | Cross-site Scripting vulnerability in LG Supersign CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LG Electronics SuperSign CMS allows Reflected XSS. This issue affects SuperSign CMS: from 4.1.3 before < 4.3.1. | 6.1 |
| 2024-06-20 | CVE-2024-6179 | Cross-site Scripting vulnerability in LG Supersign CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LG Electronics SuperSign CMS allows Reflected XSS. This issue affects SuperSign CMS: from 4.1.3 before < 4.3.1. | 6.1 |
| 2024-05-03 | CVE-2023-40493 | Unspecified vulnerability in LG Simple Editor 3.21.0 LG Simple Editor copySessionFolder Directory Traversal Remote Code Execution Vulnerability. | 9.8 |
| 2024-05-03 | CVE-2023-40494 | Unspecified vulnerability in LG Simple Editor 3.21.0 LG Simple Editor deleteFolder Directory Traversal Arbitrary File Deletion Vulnerability. | 9.1 |
| 2024-04-09 | CVE-2023-6317 | Unspecified vulnerability in LG Webos A prompt bypass exists in the secondscreen.gateway service running on webOS version 4 through 7. | 9.8 |
| 2024-04-09 | CVE-2023-6318 | Unspecified vulnerability in LG Webos 5.5.0/6.3.3442/7.3.143 A command injection vulnerability exists in the processAnalyticsReport method from the com.webos.service.cloudupload service on webOS version 5 through 7. | 7.2 |
| 2024-04-09 | CVE-2023-6319 | Unspecified vulnerability in LG Webos A command injection vulnerability exists in the getAudioMetadata method from the com.webos.service.attachedstoragemanager service on webOS version 4 through 7. | 7.2 |
| 2024-04-09 | CVE-2023-6320 | Unspecified vulnerability in LG Webos 5.5.0/6.3.3442 A command injection vulnerability exists in the com.webos.service.connectionmanager/tv/setVlanStaticAddress endpoint on webOS versions 5 and 6. | 7.2 |
| 2024-03-25 | CVE-2024-2862 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in LG LED Assistant 2.1.65 This vulnerability allows remote attackers to reset the password of anonymous users without authorization on the affected LG LED Assistant. | 9.8 |