5 results (0.008 seconds)

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

This vulnerability allows remote attackers to traverse paths via file upload on the affected LG LED Assistant. Esta vulnerabilidad permite a atacantes remotos atravesar rutas mediante la carga de archivos en el LG LED Assistant afectado. • https://lgsecurity.lge.com/bulletins/idproducts#updateDetails • CWE-35: Path Traversal: '.../ •

CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0

This vulnerability allows remote attackers to reset the password of anonymous users without authorization on the affected LG LED Assistant. Esta vulnerabilidad permite a atacantes remotos restablecer la contraseña de usuarios anónimos sin autorización en el LG LED Assistant afectado. • https://lgsecurity.lge.com/bulletins/idproducts#updateDetails • CWE-287: Improper Authentication •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Integer overflow in the LG Mobile handset allows remote attackers to cause a denial of service (reboot) via a crafted HTTP packet. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. Desbordamiento de entero en el terminal LG Mobile permite a atacantes remotos provocar una denegación de servicio (reinicio) mediante un paquete HTTP manipulado. NOTA: a fecha de 16/10/2007, la única revelación es un vago preaviso sin información de uso inmediato. • http://www.irmplc.com/index.php/111-Vendor-Alerts • CWE-189: Numeric Errors •

CVSS: 2.9EPSS: 1%CPEs: 1EXPL: 0

The LG Chocolate KG800 phone allows remote attackers to cause a denial of service (continual modal dialogs and UI unavailability) by repeatedly trying to OBEX push a file over Bluetooth, as demonstrated by ussp-push. El teléfono LG Chocolate KG800 permite a atacantes remotos provocar una denegación de servicio (diálogos modales contínuos e indisponibilidad del interfaz de usuario) intentando repetidamente la transmisión OBEX de un archivo por Bluetooth, como ha sido demostrado por ussp-push. • http://securityreason.com/securityalert/2180 http://www.securityfocus.com/archive/1/457768/100/0/threaded http://www.securityfocus.com/archive/1/457797/100/0/threaded • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0

LG U8120 mobile phone allows remote attackers to cause a denial of service (device crash) via a malformed MIDI file. • http://securitytracker.com/id?1013777 http://www.securityfocus.com/archive/1/395714 http://www.securityfocus.com/bid/13154 https://exchange.xforce.ibmcloud.com/vulnerabilities/20091 •