Vulnerabilities > LG

DATE CVE VULNERABILITY TITLE RISK
2024-06-20 CVE-2024-6177 Cross-site Scripting vulnerability in LG Supersign CMS
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in LG Electronics SuperSign CMS allows Reflected XSS. This issue affects SuperSign CMS: from 4.1.3 before < 4.3.1.
network
low complexity
lg CWE-79
6.1
2024-06-20 CVE-2024-6178 Cross-site Scripting vulnerability in LG Supersign CMS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LG Electronics SuperSign CMS allows Reflected XSS. This issue affects SuperSign CMS: from 4.1.3 before < 4.3.1.
network
low complexity
lg CWE-79
6.1
2024-06-20 CVE-2024-6179 Cross-site Scripting vulnerability in LG Supersign CMS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LG Electronics SuperSign CMS allows Reflected XSS. This issue affects SuperSign CMS: from 4.1.3 before < 4.3.1.
network
low complexity
lg CWE-79
6.1
2024-05-03 CVE-2023-40493 Unspecified vulnerability in LG Simple Editor 3.21.0
LG Simple Editor copySessionFolder Directory Traversal Remote Code Execution Vulnerability.
network
low complexity
lg
critical
9.8
2024-05-03 CVE-2023-40494 Unspecified vulnerability in LG Simple Editor 3.21.0
LG Simple Editor deleteFolder Directory Traversal Arbitrary File Deletion Vulnerability.
network
low complexity
lg
critical
9.1
2024-04-09 CVE-2023-6317 Unspecified vulnerability in LG Webos
A prompt bypass exists in the secondscreen.gateway service running on webOS version 4 through 7.
network
low complexity
lg
critical
9.8
2024-04-09 CVE-2023-6318 Unspecified vulnerability in LG Webos 5.5.0/6.3.3442/7.3.143
A command injection vulnerability exists in the processAnalyticsReport method from the com.webos.service.cloudupload service on webOS version 5 through 7.
network
low complexity
lg
7.2
2024-04-09 CVE-2023-6319 Unspecified vulnerability in LG Webos
A command injection vulnerability exists in the getAudioMetadata method from the com.webos.service.attachedstoragemanager service on webOS version 4 through 7.
network
low complexity
lg
7.2
2024-04-09 CVE-2023-6320 Unspecified vulnerability in LG Webos 5.5.0/6.3.3442
A command injection vulnerability exists in the com.webos.service.connectionmanager/tv/setVlanStaticAddress endpoint on webOS versions 5 and 6.
network
low complexity
lg
7.2
2024-03-25 CVE-2024-2862 Weak Password Recovery Mechanism for Forgotten Password vulnerability in LG LED Assistant 2.1.65
This vulnerability allows remote attackers to reset the password of anonymous users without authorization on the affected LG LED Assistant.
network
low complexity
lg CWE-640
critical
9.8