cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2019-15403,https://securityvulnerability.io/vulnerability/CVE-2019-15403,Command Execution Vulnerability in Asus ZenFone 3s Max by Asus,"The Asus ZenFone 3s Max contains a security flaw that enables pre-installed applications to execute commands without proper authorization. This flaw arises from a specific app, identified by the package name com.asus.loguploaderproxy, which possesses capabilities that allow other pre-installed applications to access its functionalities. Any app on the device that has been granted signature or system permissions can exploit this vulnerability, posing a significant security risk to users by potentially allowing malicious actions to be carried out without user consent.",Asus,Zenfone 3s Max Firmware,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-11-14T16:26:08.000Z,0
CVE-2019-15395,https://securityvulnerability.io/vulnerability/CVE-2019-15395,Command Execution Vulnerability in Asus ZenFone 3s Max by Asus,"The Asus ZenFone 3s Max Android device includes a vulnerability within the pre-installed com.asus.loguploaderproxy app. This flaw permits any other pre-installed app on the device to execute commands through an accessible app component. If a pre-installed app possesses the necessary signatureOrSystem permissions, it can exploit this vulnerability, potentially leading to unauthorized control over the device functionalities. It poses a significant risk as various pre-installed applications can interact with each other, increasing the attack surface for malicious exploitation.",Asus,Zenfone 3s Max Firmware,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-11-14T16:25:56.000Z,0