In the TEE, there's a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
In KeyStore, there is a possible storage of symmetric keys in the TEE instead of the strongbox due to a missing strongbox flag. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
In LG's LAF component, there is a possible leak of information in a protected disk partition due to a missing bounds check. Rated medium severity (CVSS 4.3), this vulnerability is low attack complexity. No vendor patch available.
In LG's LAF component, there is a possible leak of information in a protected disk partition due to a missing bounds check. Rated medium severity (CVSS 4.3), this vulnerability is low attack complexity. No vendor patch available.
When the pointer lock is enabled by a website though requestPointerLock(), no user notification is given. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.