Vulnerabilities > LG
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-28 | CVE-2022-23727 | Unspecified vulnerability in LG Webos There is a privilege escalation vulnerability in some webOS TVs. | 7.8 |
| 2021-08-24 | CVE-2021-38306 | OS Command Injection vulnerability in LG N1T1 Firmware Network Attached Storage on LG N1T1*** 10124 devices allows an unauthenticated attacker to gain root access via OS command injection in the en/ajp/plugins/access.ssh/checkInstall.php destServer parameter. | 9.8 |
| 2020-09-14 | CVE-2020-7807 | Improper Validation of Integrity Check Value vulnerability in LG products A vulnerability that can hijack a DLL file that is loaded during products(LGPCSuite_Setup, IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup) installation into a DLL file that the hacker wants. | 5.5 |
| 2020-04-29 | CVE-2019-20781 | Uncontrolled Search Path Element vulnerability in LG Bridge An issue was discovered in LG Bridge before April 2019 on Windows. | 7.8 |
| 2020-04-17 | CVE-2019-20769 | Uncontrolled Search Path Element vulnerability in LG PC Suite 5.3.27 An issue was discovered in LG PC Suite for LG G3 and earlier (aka LG PC Suite v5.3.27 and earlier). | 7.8 |
| 2020-03-23 | CVE-2020-9759 | Download of Code Without Integrity Check vulnerability in LG Webos A Vulnerability of LG Electronic web OS TV Emulator could allow an attacker to escalate privileges and overwrite certain files. | 7.8 |
| 2019-05-14 | CVE-2018-14839 | OS Command Injection vulnerability in LG N1A1 Firmware 3718.510 LG N1A1 NAS 3718.510 is affected by: Remote Command Execution. | 9.8 |
| 2019-05-13 | CVE-2019-7404 | Missing Authentication for Critical Function vulnerability in LG products An issue was discovered on LG GAMP-7100, GAPM-7200, and GAPM-8000 routers. | 7.5 |
| 2019-02-18 | CVE-2019-8372 | Link Following vulnerability in LG Lha.Sys The LHA.sys driver before 1.1.1811.2101 in LG Device Manager exposes functionality that allows low-privileged users to read and write arbitrary physical memory via specially crafted IOCTL requests and elevate system privileges. | 7.0 |
| 2018-09-21 | CVE-2018-17173 | Code Injection vulnerability in LG Supersign CMS 2.5 LG SuperSign CMS allows remote attackers to execute arbitrary code via the sourceUri parameter to qsr_server/device/getThumbnail. | 9.8 |