194 matches found
EUVD-2023-58562
Malicious code in bioql PyPI...
EUVD-2023-58561
Malicious code in bioql PyPI...
EUVD-2024-17610
Malicious code in bioql PyPI...
EUVD-2024-17611
Malicious code in bioql PyPI...
CVE-2024-1886
This vulnerability allows remote attackers to traverse the directory on the affected webOS of LG Signage...
CVE-2024-1885
This vulnerability allows remote attackers to execute arbitrary code on the affected webOS of LG Signage...
CVE-2011-2409
Cross-site scripting XSS vulnerability in the Calendar application in HP Palm webOS 3.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2011-2408
Cross-site scripting XSS vulnerability in the Contacts application in HP Palm webOS 3.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-5097
Palm Pre WebOS 1.1 and earlier processes JavaScript in email messages, which allows remote attackers to execute arbitrary JavaScript, as demonstrated by reading PalmDatabase.db3...
CVE-2009-5071
Unspecified vulnerability in Palm Pre WebOS before 1.2.1 has unknown impact and attack vectors related to an "included contact template file."...
The vulnerability of the getAudioMetadata method of the com.webos.service.attachedstoragemanager service in the LG WebOS operating system allows a hacker to execute arbitrary commands.
The vulnerability of the getAudioMetadata method in the com.webos.service.attachedstoragemanager service of the LG WebOS operating system exists because measures to neutralize the special elements used in the operating system commands have not been taken. Exploiting this vulnerability allows a...
The vulnerability of the service com.webos.service.connectionmanager/tv/setVlanStaticAddress in the LG WebOS operating system allows a hacker to execute arbitrary commands on behalf of the dbus user.
The vulnerability of the service com.webos.service.connectionmanager/tv/setVlanStaticAddress in the LG WebOS operating system exists because measures to neutralize the special elements used in the operating system commands have not been taken. Exploiting this vulnerability allows a malicious acto...
Exploit for OS Command Injection in Lg Webos
Root my webOS TV A simple python script that starts a telnet...
CVE-2023-6320
A command injection vulnerability exists in the com.webos.service.connectionmanager/tv/setVlanStaticAddress endpoint on webOS versions 5 and 6. A series of specially crafted requests can lead to command execution as the dbus user. An attacker can make authenticated requests to trigger this...
CVE-2023-6319
A command injection vulnerability exists in the getAudioMetadata method from the com.webos.service.attachedstoragemanager service on webOS version 4 through 7. A series of specially crafted requests can lead to command execution as the root user. An attacker can make authenticated requests to...
CVE-2023-6319
A command injection vulnerability exists in the getAudioMetadata method from the com.webos.service.attachedstoragemanager service on webOS version 4 through 7. A series of specially crafted requests can lead to command execution as the root user. An attacker can make authenticated requests to...
CVE-2023-6318
A command injection vulnerability exists in the processAnalyticsReport method from the com.webos.service.cloudupload service on webOS version 5 through 7. A series of specially crafted requests can lead to command execution as the root user. An attacker can make authenticated requests to trigger...
CVE-2023-6317
A prompt bypass exists in the secondscreen.gateway service running on webOS version 4 through 7. An attacker can create a privileged account without asking the user for the security PIN. Full versions and TV models affected: webOS 4.9.7 - 5.30.40 running on LG43UM7000PLA webOS 5.5.0 - 04.50.51...
CVE-2023-6318
A command injection vulnerability exists in the processAnalyticsReport method from the com.webos.service.cloudupload service on webOS version 5 through 7. A series of specially crafted requests can lead to command execution as the root user. An attacker can make authenticated requests to trigger...
CVE-2023-6317
A prompt bypass exists in the secondscreen.gateway service running on webOS version 4 through 7. An attacker can create a privileged account without asking the user for the security PIN. Full versions and TV models affected: webOS 4.9.7 - 5.30.40 running on LG43UM7000PLA webOS 5.5.0 - 04.50.51...