cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2019-15407,https://securityvulnerability.io/vulnerability/CVE-2019-15407,Command Execution Vulnerability in Asus Android Devices,"The Asus ASUS_X015_1 Android device is vulnerable due to a pre-installed application, com.asus.loguploaderproxy, which allows other pre-installed apps to execute commands without proper restrictions. This vulnerability arises from the capability of pre-installed apps to access the application's component with elevated permissions. When multiple pre-installed apps have acquired signatureOrSystem permissions, they can perform unauthorized command executions, posing significant security risks to device integrity and user data.",Asus,Zenfone 4 Max Firmware,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-11-14T16:26:14.000Z,0
CVE-2019-15404,https://securityvulnerability.io/vulnerability/CVE-2019-15404,Command Execution Vulnerability in Asus ZenFone Max 4 Android Device,"The Asus ZenFone Max 4 features a pre-installed application, com.asus.loguploaderproxy, which allows other pre-installed applications to execute commands without proper restrictions. This vulnerability arises from the app’s design that permits any pre-installed application with signatureOrSystem privileges to interact with exported components of other pre-installed applications, potentially leading to unauthorized command execution. Users should be aware of the risks associated with pre-installed applications and apply necessary updates as they are made available to mitigate potential exploits.",Asus,Zenfone 4 Max Firmware,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-11-14T16:26:09.000Z,0
CVE-2019-15397,https://securityvulnerability.io/vulnerability/CVE-2019-15397,Command Execution Vulnerability in Asus ZenFone Max 4 Devices by Asus,"The Asus ZenFone Max 4 features a pre-installed app, com.asus.loguploaderproxy, which creates a potential security risk. This app allows other authorized pre-installed applications on the device to execute commands through an accessible app component. Any pre-installed app capable of obtaining specific signature permissions can exploit this vulnerability, thereby enabling unauthorized command execution across the device's ecosystem.",Asus,Zenfone Max 4 Firmware,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-11-14T16:25:59.000Z,0