VYPR
Vendor

LG Electronics

Products
32
CVEs
41
Across products
52
Status
Private

Products

32
View all 32 products →

Recent CVEs

41
View all 41 CVEs →
  • CVE-2023-48010CriDec 5, 2024
    risk 0.64cvss 9.8epss 0.00

    STMicroelectronics SPC58 is vulnerable to Missing Protection Mechanism for Alternate Hardware Interface. Code running as Supervisor on the SPC58 PowerPC microcontrollers may disable the System Memory Protection Unit and gain unabridged read/write access to protected assets.

  • CVE-2018-16288HigSep 14, 2018
    risk 0.62cvss 8.6epss 0.35

    LG SuperSign CMS allows reading of arbitrary files via signEzUI/playlist/edit/upload/..%2f URIs.

  • CVE-2016-3851HigAug 5, 2016
    risk 0.53cvss 8.1epss 0.01

    The LG Electronics bootloader Android before 2016-08-05 on Nexus 5X devices allows attackers to gain privileges by leveraging access to a privileged process, aka internal bug 29189941.

  • CVE-2024-6176MedJun 20, 2024
    risk 0.31cvss epss 0.00

    Allocation of Resources Without Limits or Throttling vulnerability in LG Electronics LG SuperSign CMS allows Port Scanning.This issue affects LG SuperSign CMS: from 4.1.3 before < 4.3.1.

  • CVE-2016-8474MedJan 12, 2017
    risk 0.31cvss 4.7epss 0.01

    An information disclosure vulnerability in the STMicroelectronics driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…

  • CVE-2016-8473MedJan 12, 2017
    risk 0.31cvss 4.7epss 0.01

    An information disclosure vulnerability in the STMicroelectronics driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-18347MedSep 12, 2018
    risk 0.30cvss 4.6epss 0.00

    Incorrect access control in RDP Level 1 on STMicroelectronics STM32F0 series devices allows physically present attackers to extract the device's protected firmware via a special sequence of Serial Wire Debug (SWD) commands because there is a race condition between full…

  • CVE-2024-45064Apr 2, 2025
    risk 0.00cvss epss 0.01

    A buffer overflow vulnerability exists in the FileX Internal RAM interface functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted set of network packets can lead to code execution. An attacker can send a sequence of requests to trigger this vulnerability.

  • CVE-2024-50385Apr 2, 2025
    risk 0.00cvss epss 0.01

    A denial of service vulnerability exists in the NetX Component HTTP server functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.This…

  • CVE-2024-50384Apr 2, 2025
    risk 0.00cvss epss 0.01

    A denial of service vulnerability exists in the NetX Component HTTP server functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.This…

  • CVE-2024-50595Apr 2, 2025
    risk 0.00cvss epss 0.01

    An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted series of network requests can lead to denial of service. An attacker can send a sequence of malicious packets to trigger this…

  • CVE-2024-50594Apr 2, 2025
    risk 0.00cvss epss 0.01

    An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted series of network requests can lead to denial of service. An attacker can send a sequence of malicious packets to trigger this…

  • CVE-2024-50597Apr 2, 2025
    risk 0.00cvss epss 0.01

    An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.This…

  • CVE-2024-50596Apr 2, 2025
    risk 0.00cvss epss 0.01

    An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.This…

  • CVE-2024-6179Jun 20, 2024
    risk 0.00cvss epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LG Electronics SuperSign CMS allows Reflected XSS. This issue affects SuperSign CMS: from 4.1.3 before < 4.3.1.

  • CVE-2024-6178Jun 20, 2024
    risk 0.00cvss epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LG Electronics SuperSign CMS allows Reflected XSS. This issue affects SuperSign CMS: from 4.1.3 before < 4.3.1.

  • CVE-2024-6177Jun 20, 2024
    risk 0.00cvss epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in LG Electronics SuperSign CMS allows Reflected XSS. This issue affects SuperSign CMS: from 4.1.3 before < 4.3.1.

  • CVE-2023-36629Jan 9, 2024
    risk 0.00cvss epss 0.00

    The ST ST54-android-packages-apps-Nfc package before 130-20230215-23W07p0 for Android has an out-of-bounds read.

  • CVE-2023-50096Jan 1, 2024
    risk 0.00cvss epss 0.01

    STMicroelectronics STSAFE-A1xx middleware before 3.3.7 allows MCU code execution if an adversary has the ability to read from and write to the I2C bus. This is caused by an StSafeA_ReceiveBytes buffer overflow in the X-CUBE-SAFEA1 Software Package for STSAFE-A sample…

  • CVE-2021-42553Oct 21, 2022
    risk 0.00cvss epss 0.01

    A buffer overflow vulnerability in stm32_mw_usb_host of STMicroelectronics in versions before 3.5.1 allows an attacker to execute arbitrary code when the descriptor contains more endpoints than USBH_MAX_NUM_ENDPOINTS. The library is typically integrated when using a RTOS such as…