cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2019-15418,https://securityvulnerability.io/vulnerability/CVE-2019-15418,Unauthorized Command Execution in Asus Android Device,"The Asus ASUS_X00K_1 Android device contains a vulnerability due to a pre-installed application, com.lovelyfont.defcontainer, which is susceptible to unauthorized command execution. This vulnerability arises from a confused deputy attack, enabling any app located on the device to exploit the flaw. Users should be aware of the potential risks associated with this device configuration and take necessary precautions.",Asus,Pegasus 4a Firmware,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-11-14T16:26:28.000Z,0
CVE-2019-15405,https://securityvulnerability.io/vulnerability/CVE-2019-15405,Command Execution Vulnerability in Asus Android Devices,"The Asus ASUS_X00K_1 Android device is affected by a vulnerability within a pre-installed application named com.asus.loguploaderproxy. This flaw allows other pre-installed applications to execute commands through an accessible app component. By leveraging the signatureOrSystem permissions, any pre-installed app can exploit this vulnerability, potentially leading to unauthorized actions within the device environment. This vulnerability highlights the importance of securing pre-installed applications to prevent unauthorized command execution.",Asus,Pegasus 4a Firmware,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-11-14T16:26:11.000Z,0