Lucene search
+L
LgWebos

8 matches found

CVE
CVE
added 2022/03/11 5:54 p.m.750 views

CVE-2022-23730

CVE-2022-23730 is described across connected records as a public API error that allows bypassing API access control, with concrete mention of affecting LG WebOS (PT-2022-16235) and related entries (e.g., Red Hat/NVD refs). The sources do not provide specific vulnerable versions, exact root cause ...

9.8CVSS9.3AI score0.01008EPSS
CVE
CVE
added 2022/03/11 5:54 p.m.153 views

CVE-2022-23731

CVE-2022-23731 involves a heap vulnerability in the V8 JavaScript engine used by some webOS TV models. The Red Hat/NVD/CVE records describe a local privilege-escalation flaw originating from the V8 heap, enabling an attacker with local access to gain higher privileges on affected TVs. Public mate...

7.8CVSS7.8AI score0.00617EPSS
Web
CVE
CVE
added 2022/01/28 7:9 p.m.127 views

CVE-2022-23727

Technical details about CVE-2022-23727 are not publicly available in the provided documents. Monitor for updates; no specifics on affected versions, impact, or remediation are disclosed here.

7.8CVSS7.5AI score0.00235EPSS
CVE
CVE
added 2024/04/09 1:42 p.m.104 views

CVE-2023-6319

CVE-2023-6319 affects LG webOS: a command injection in getAudioMetadata of the com.webos.service.attachedstoragemanager. Affected webOS versions include 4.9.7–5.30.40, 5.5.0–04.50.51, 6.3.3-442–03.36.50, and 7.3.1-43–03.33.85. The vulnerability allows an attacker to execute commands as root via s...

9.1CVSS9.3AI score0.06437EPSS
CVE
CVE
added 2020/03/23 3:36 p.m.93 views

CVE-2020-9759

CVE-2020-9759 affects WeeChat (IRC client). A crafted IRC message 352 (who) can cause a crash, per multiple advisories (Debian DLA-2157-1, GLSA-202003-51, USN-5258-1). Root cause: malformed channel/ IRC message handling leading to a crash; impact is denial of service via client crash. Remediation...

9.3CVSS6.8AI score0.00487EPSS
CVE
CVE
added 2024/04/09 1:43 p.m.88 views

CVE-2023-6320

CVE-2023-6320: A command injection vulnerability affects webOS 5.x and 6.x, specifically the com.webos.service.connectionmanager/tv/setVlanStaticAddress endpoint. The root cause is a command execution path that can be triggered by a sequence of authenticated requests, allowing execution as the db...

9.1CVSS9.3AI score0.0392EPSS
CVE
CVE
added 2024/04/09 1:41 p.m.87 views

CVE-2023-6317

CVE-2023-6317 describes a prompt bypass in webOS secondscreen.gateway that lets an attacker create a privileged account without user PIN on affected webOS versions. Affected: webOS 4.9.7–5.30.40, 5.5.0–04.50.51, 6.3.3-442 (kisscurl-kinglake)–03.36.50, 7.3.1-43 (mullet-mebin)–03.33.85. Root cause:...

9.8CVSS7AI score0.01078EPSS
CVE
CVE
added 2024/04/09 1:41 p.m.81 views

CVE-2023-6318

LG webOS versions 5 through 7 are affected by a command injection in the processAnalyticsReport method of the com.webos.service.cloudupload service, enabling root-level code execution via specially crafted authenticated requests. Affected versions listed include webOS 5.5.0 – 04.50.51, 6.3.3-442,...

9.1CVSS9.4AI score0.04667EPSS