Vulnerabilities > LG > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-06-20 CVE-2024-6177 Cross-site Scripting vulnerability in LG Supersign CMS
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in LG Electronics SuperSign CMS allows Reflected XSS. This issue affects SuperSign CMS: from 4.1.3 before < 4.3.1.
network
low complexity
lg CWE-79
6.1
2024-06-20 CVE-2024-6178 Cross-site Scripting vulnerability in LG Supersign CMS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LG Electronics SuperSign CMS allows Reflected XSS. This issue affects SuperSign CMS: from 4.1.3 before < 4.3.1.
network
low complexity
lg CWE-79
6.1
2024-06-20 CVE-2024-6179 Cross-site Scripting vulnerability in LG Supersign CMS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LG Electronics SuperSign CMS allows Reflected XSS. This issue affects SuperSign CMS: from 4.1.3 before < 4.3.1.
network
low complexity
lg CWE-79
6.1
2022-03-11 CVE-2022-23731 Unspecified vulnerability in LG Webos 5.0/6.0
V8 javascript engine (heap vulnerability) can cause privilege escalation ,which can impact on some webOS TV models.
local
low complexity
lg
4.6
2020-04-29 CVE-2019-20781 Improper Privilege Management vulnerability in LG Bridge
An issue was discovered in LG Bridge before April 2019 on Windows.
local
lg CWE-269
4.4
2020-04-17 CVE-2019-20769 Untrusted Search Path vulnerability in LG PC Suite 5.3.27
An issue was discovered in LG PC Suite for LG G3 and earlier (aka LG PC Suite v5.3.27 and earlier).
local
lg CWE-426
4.4
2020-02-12 CVE-2013-3685 Race Condition vulnerability in Spritesoftware Spritebackup and Spritebud
A Privilege Escalation Vulnerability exists in Sprite Software Spritebud 1.3.24 and 1.3.28 and Backup 2.5.4105 and 2.5.4108 on LG Android smartphones due to a race condition in the spritebud daemon, which could let a local malicious user obtain root privileges.
6.9
2019-05-13 CVE-2019-7404 Information Exposure vulnerability in LG products
An issue was discovered on LG GAMP-7100, GAPM-7200, and GAPM-8000 routers.
network
low complexity
lg CWE-200
5.0
2019-02-18 CVE-2019-8372 Link Following vulnerability in LG Lha.Sys
The LHA.sys driver before 1.1.1811.2101 in LG Device Manager exposes functionality that allows low-privileged users to read and write arbitrary physical memory via specially crafted IOCTL requests and elevate system privileges.
local
lg CWE-59
6.9
2018-09-14 CVE-2018-16286 Improper Authentication vulnerability in LG Supersign CMS
LG SuperSign CMS allows authentication bypass because the CAPTCHA requirement is skipped if a captcha:pass cookie is sent, and because the PIN is limited to four digits.
network
low complexity
lg CWE-287
5.0