Filtered by vendor Lg
Subscribe
Search
Total
13 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-38306 | 1 Lg | 3 N1t1, N1t1 Firmware, N1t1dd1 | 2021-09-09 | 10.0 HIGH | 9.8 CRITICAL |
| Network Attached Storage on LG N1T1*** 10124 devices allows an unauthenticated attacker to gain root access via OS command injection in the en/ajp/plugins/access.ssh/checkInstall.php destServer parameter. | |||||
| CVE-2020-13841 | 2 Google, Lg | 35 Android, Cv1, Cv1s and 32 more | 2021-07-21 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on LG mobile devices with Android OS 9 and 10 (MTK chipsets). An AT command handler allows attackers to bypass intended access restrictions. The LG ID is LVE-SMP-200009 (June 2020). | |||||
| CVE-2021-26688 | 2 Google, Lg | 2 Android, Wing | 2021-02-08 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on LG Wing mobile devices with Android OS 10 software. The biometric sensor has weak security properties. The LG ID is LVE-SMP-200030 (February 2021). | |||||
| CVE-2020-13840 | 2 Google, Lg | 35 Android, Cv1, Cv1s and 32 more | 2020-06-11 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 (MTK chipsets). Code execution can occur via an MTK AT command handler buffer overflow. The LG ID is LVE-SMP-200008 (June 2020). | |||||
| CVE-2020-13839 | 2 Google, Lg | 35 Android, Cv1, Cv1s and 32 more | 2020-06-11 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 (MTK chipsets). Code execution can occur via a custom AT command handler buffer overflow. The LG ID is LVE-SMP-200007 (June 2020). | |||||
| CVE-2019-20777 | 2 Google, Lg | 3 Android, G7, V40 | 2020-04-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. WapService mishandles OTA Provisioning on V40 and G7 devices. The LG ID is LVE-SMP-190006 (July 2019). | |||||
| CVE-2018-14839 | 1 Lg | 2 N1a1, N1a1 Firmware | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| LG N1A1 NAS 3718.510 is affected by: Remote Command Execution. The impact is: execute arbitrary code (remote). The attack vector is: HTTP POST with parameters. | |||||
| CVE-2018-14981 | 2 Google, Lg | 15 Android, G5, G6 and 12 more | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| Certain LG devices based on Android 6.0 through 8.1 have incorrect access control for SystemUI application intents. The LG ID is LVE-SMP-180005. | |||||
| CVE-2018-14982 | 2 Google, Lg | 15 Android, G5, G6 and 12 more | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| Certain LG devices based on Android 6.0 through 8.1 have incorrect access control in the GNSS application. The LG ID is LVE-SMP-180004. | |||||
| CVE-2018-15482 | 2 Google, Lg | 15 Android, G5, G6 and 12 more | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| Certain LG devices based on Android 6.0 through 8.1 have incorrect access control for MLT application intents. The LG ID is LVE-SMP-180006. | |||||
| CVE-2018-17173 | 1 Lg | 1 Supersign Cms | 2019-05-06 | 7.5 HIGH | 9.8 CRITICAL |
| LG SuperSign CMS allows remote attackers to execute arbitrary code via the sourceUri parameter to qsr_server/device/getThumbnail. | |||||
| CVE-2018-16286 | 1 Lg | 1 Supersign Cms | 2018-11-07 | 5.0 MEDIUM | 9.8 CRITICAL |
| LG SuperSign CMS allows authentication bypass because the CAPTCHA requirement is skipped if a captcha:pass cookie is sent, and because the PIN is limited to four digits. | |||||
| CVE-2018-16287 | 1 Lg | 1 Supersign Cms | 2018-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| LG SuperSign CMS allows file upload via signEzUI/playlist/edit/upload/..%2f URIs. | |||||