Vulnerabilities > LG
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-14 | CVE-2018-16288 | Information Exposure vulnerability in LG Supersign CMS 2.5 LG SuperSign CMS allows reading of arbitrary files via signEzUI/playlist/edit/upload/..%2f URIs. | 7.8 |
| 2018-09-14 | CVE-2018-16287 | Unrestricted Upload of File with Dangerous Type vulnerability in LG Supersign CMS LG SuperSign CMS allows file upload via signEzUI/playlist/edit/upload/..%2f URIs. | 7.5 |
| 2018-09-14 | CVE-2018-16286 | Improper Authentication vulnerability in LG Supersign CMS LG SuperSign CMS allows authentication bypass because the CAPTCHA requirement is skipped if a captcha:pass cookie is sent, and because the PIN is limited to four digits. | 5.0 |
| 2018-09-12 | CVE-2018-16946 | Files or Directories Accessible to External Parties vulnerability in LG products LG LNB*, LND*, LNU*, and LNV* smart network camera devices have broken access control. | 5.0 |
| 2018-08-17 | CVE-2018-15482 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android Certain LG devices based on Android 6.0 through 8.1 have incorrect access control for MLT application intents. | 7.5 |
| 2018-08-17 | CVE-2018-14982 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android Certain LG devices based on Android 6.0 through 8.1 have incorrect access control in the GNSS application. | 7.5 |
| 2018-08-17 | CVE-2018-14981 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android Certain LG devices based on Android 6.0 through 8.1 have incorrect access control for SystemUI application intents. | 7.5 |
| 2018-05-04 | CVE-2018-10229 | Information Exposure vulnerability in multiple products A hardware vulnerability in GPU memory modules allows attackers to accelerate micro-architectural attacks through the use of the JavaScript WebGL API. | 5.8 |
| 2017-10-16 | CVE-2017-15361 | Unspecified vulnerability in Infineon RSA Library and Trusted Platform Firmware The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA. | 4.3 |
| 2017-09-26 | CVE-2014-0997 | Data Processing Errors vulnerability in Google Android 4.1.2/4.2.2/4.4.4 WiFiMonitor in Android 4.4.4 as used in the Nexus 5 and 4, Android 4.2.2 as used in the LG D806, Android 4.2.2 as used in the Samsung SM-T310, Android 4.1.2 as used in the Motorola RAZR HD, and potentially other unspecified Android releases before 5.0.1 and 5.0.2 does not properly handle exceptions, which allows remote attackers to cause a denial of service (reboot) via a crafted 802.11 probe response frame. | 5.0 |