| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-2733 | Cri | 0.65 | 9.8 | 0.19 | Apr 15, 2020 | Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD… | ||
| CVE-2020-10511 | Cri | 0.64 | 9.8 | 0.02 | Apr 15, 2020 | HGiga C&Cmail CCMAILQ before olln-base-6.0-418.i386.rpm and CCMAILN before olln-base-5.0-418.i386.rpm contains insecure configurations. Attackers can exploit these flaws to access unauthorized functionality via a crafted URL. | ||
| CVE-2020-10507 | Cri | 0.64 | 9.8 | 0.01 | Apr 15, 2020 | The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of Unrestricted file upload (RCE) , that would allow attackers to gain access in the hosting machine. | ||
| CVE-2020-10505 | Cri | 0.64 | 9.8 | 0.01 | Apr 15, 2020 | The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of SQL Injection, an attacker can use a union based injection query string to get databases schema and username/password. | ||
| CVE-2020-5260 | Cri | 0.54 | 9.3 | 0.10 | Apr 14, 2020 | Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. Git uses external "credential helper" programs to store and retrieve passwords or other credentials from secure storage provided by the… | ||
| CVE-2020-6195 | Cri | 0.64 | 9.8 | 0.01 | Apr 14, 2020 | SAP Business Objects Business Intelligence Platform (CMC), version 4.1, 4.2, shows cleartext password in the response, leading to Information Disclosure. It involves social engineering in order to gain access to system and If password is known, it would give administrative… | ||
| CVE-2019-10939 | Cri | 0.64 | 9.8 | 0.01 | Apr 14, 2020 | A vulnerability has been identified in TIM 3V-IE (incl. SIPLUS NET variants) (All versions < V2.8), TIM 3V-IE Advanced (incl. SIPLUS NET variants) (All versions < V2.8), TIM 3V-IE DNP3 (incl. SIPLUS NET variants) (All versions < V3.3), TIM 4R-IE (incl. SIPLUS NET variants) (All… | ||
| CVE-2020-6238 | Cri | 0.61 | 9.3 | 0.01 | Apr 14, 2020 | SAP Commerce, versions - 6.6, 6.7, 1808, 1811, 1905, does not process XML input securely in the Rest API from Servlet xyformsweb, leading to Missing XML Validation. This affects confidentiality and availability (partially) of SAP Commerce. | ||
| CVE-2020-10383 | Cri | 0.64 | 9.8 | 0.02 | Apr 14, 2020 | An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. There is an unauthenticated remote code execution in the com_mb24sysapi module. | ||
| CVE-2019-16879 | Cri | 0.64 | 9.8 | 0.01 | Apr 14, 2020 | The Synergy Systems & Solutions (SSS) HUSKY RTU 6049-E70, with firmware Versions 5.0 and prior, has a Missing Authentication for Critical Function (CWE-306) vulnerability. The affected product does not require authentication for TELNET access, which may allow an attacker to… | ||
| CVE-2020-11673 | Cri | 0.64 | 9.8 | 0.04 | Apr 13, 2020 | An issue was discovered in the Responsive Poll through 1.3.4 for Wordpress. It allows an unauthenticated user to manipulate polls, e.g., delete, clone, or view a hidden poll. This is due to the usage of the callback wp_ajax_nopriv function in Includes/Total-Soft-Poll-Ajax.php… | ||
| CVE-2020-11722 | Cri | 0.00 | 9.8 | 0.04 | Apr 12, 2020 | Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 allows remote attackers to execute arbitrary code via Lua bytecode embedded in an uploaded .crawlrc file. | ||
| CVE-2020-11710 | Cri | 0.03 | 9.8 | 0.34 | Apr 12, 2020 | An issue was discovered in docker-kong (for Kong) through 2.0.3. The admin API port may be accessible on interfaces other than 127.0.0.1. NOTE: The vendor argue that this CVE is not a vulnerability because it has an inaccurate bug scope and patch links. “1) Inaccurate Bug… | ||
| CVE-2020-11708 | Cri | 0.64 | 9.8 | 0.02 | Apr 12, 2020 | An issue was discovered in ProVide (formerly zFTPServer) through 13.1. Privilege escalation can occur via the /ajax/SetUserInfo messages parameter because of the EXECUTE() feature, which is for executing programs when certain events are triggered. | ||
| CVE-2020-11705 | Cri | 0.64 | 9.8 | 0.01 | Apr 12, 2020 | An issue was discovered in ProVide (formerly zFTPServer) through 13.1. /ajax/ImportCertificate allows an attacker to load an arbitrary certificate in .pfx format or overwrite arbitrary files via the fileName parameter. | ||
| CVE-2015-8546 | Cri | 0.64 | 9.8 | 0.02 | Apr 10, 2020 | An issue was discovered on Samsung mobile devices with software through 2015-11-12, affecting the Galaxy S6/S6 Edge, Galaxy S6 Edge+, and Galaxy Note5 with the Shannon333 chipset. There is a stack-based buffer overflow in the baseband process that is exploitable for remote code… | ||
| CVE-2015-5524 | Cri | 0.64 | 9.8 | 0.01 | Apr 10, 2020 | An issue was discovered on Samsung mobile devices with KK(4.4) and later software through 2015-05-13. There is a buffer overflow in datablock_write because the amount of received data is not validated. The Samsung ID is SVE-2015-4018 (December 2015). | ||
| CVE-2020-3952 | Cri | 0.86 | 9.8 | 0.90 | KEV | Apr 10, 2020 | Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or external Platform Services Controller (PSC), does not correctly implement access controls. | |
| CVE-2020-8961 | Cri | 0.64 | 9.8 | 0.02 | Apr 9, 2020 | An issue was discovered in Avira Free-Antivirus before 15.0.2004.1825. The Self-Protection feature does not prohibit a write operation from an external process. Thus, code injection can be used to turn off this feature. After that, one can construct an event that will modify a… | ||
| CVE-2020-10631 | Cri | 0.64 | 9.8 | 0.01 | Apr 9, 2020 | An attacker could use a specially crafted URL to delete or read files outside the WebAccess/NMS's (versions prior to 3.0.2) control. | ||
| CVE-2020-10625 | Cri | 0.64 | 9.8 | 0.02 | Apr 9, 2020 | WebAccess/NMS (versions prior to 3.0.2) allows an unauthenticated remote user to create a new admin account. | ||
| CVE-2020-10619 | Cri | 0.60 | 9.1 | 0.14 | Apr 9, 2020 | An attacker could use a specially crafted URL to delete files outside the WebAccess/NMS's (versions prior to 3.0.2) control. | ||
| CVE-2020-10621 | Cri | 0.64 | 9.8 | 0.02 | Apr 9, 2020 | Multiple issues exist that allow files to be uploaded and executed on the WebAccess/NMS (versions prior to 3.0.2). | ||
| CVE-2020-11656 | Cri | 0.64 | 9.8 | 0.07 | Apr 9, 2020 | In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement. | ||
| CVE-2020-1615 | Cri | 0.64 | 9.8 | 0.02 | Apr 8, 2020 | The factory configuration for vMX installations, as shipped, includes default credentials for the root account. Without proper modification of these default credentials by the administrator, an attacker could exploit these credentials and access the vMX instance without… | ||
| CVE-2020-1614 | Cri | 0.65 | 10.0 | 0.01 | Apr 8, 2020 | A Use of Hard-coded Credentials vulnerability exists in the NFX250 Series for the vSRX Virtual Network Function (VNF) instance, which allows an attacker to take control of the vSRX VNF instance if they have the ability to access an administrative service (e.g. SSH) on the VNF,… | ||
| CVE-2020-10980 | Cri | 0.64 | 9.8 | 0.02 | Apr 8, 2020 | GitLab EE/CE 8.0.rc1 to 12.9 is vulnerable to a blind SSRF in the FogBugz integration. | ||
| CVE-2018-21075 | Cri | 0.64 | 9.8 | 0.01 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. The Call+ application can load classes from an unintended path, leading to Code Execution. The Samsung ID is SVE-2017-10886 (April 2018). | ||
| CVE-2018-21072 | Cri | 0.64 | 9.8 | 0.01 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.0) (Exynos chipsets) software. A kernel driver allows out-of-bounds Read/Write operations and possibly arbitrary code execution. The Samsung ID is SVE-2018-11358 (May 2018). | ||
| CVE-2018-21066 | Cri | 0.64 | 9.8 | 0.01 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with M(6.0) (Exynos or MediaTek chipsets) software. There is a buffer overflow in a Trustlet that can cause memory corruption. The Samsung ID is SVE-2018-11599 (July 2018). | ||
| CVE-2018-21065 | Cri | 0.64 | 9.8 | 0.00 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.x) software. There is an integer underflow in eCryptFS because of a missing size check. The Samsung ID is SVE-2017-11855 (August 2018). | ||
| CVE-2018-21064 | Cri | 0.64 | 9.8 | 0.00 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. There is an array overflow in a driver's input booster. The Samsung ID is SVE-2017-11816 (August 2018). | ||
| CVE-2018-21063 | Cri | 0.64 | 9.8 | 0.01 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.x) (Exynos chipsets) software. Keymaster has an architectural problem because tlApi in TEE is not properly protected. The Samsung ID is SVE-2018-11792 (August 2018). | ||
| CVE-2018-21058 | Cri | 0.64 | 9.8 | 0.00 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with N(7.0), O(8.0) (exynos7420 or Exynos 8890/8996 chipsets) software. Cache attacks can occur against the Keymaster AES-GCM implementation because T-Tables are used; the Cryptography Extension (CE) is not used. The Samsung ID… | ||
| CVE-2018-21057 | Cri | 0.64 | 9.8 | 0.01 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with N(7.x) O(8.x, and P(9.0) (Exynos chipsets) software. There is a stack-based buffer overflow in the Shannon Baseband. The Samsung ID is SVE-2018-12757 (September 2018). | ||
| CVE-2018-21055 | Cri | 0.64 | 9.8 | 0.01 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with N(7.0) (Qualcomm models using MSM8996 chipsets) software. A device can be rooted with a custom image to execute arbitrary scripts in the INIT context. The Samsung ID is SVE-2018-11940 (September 2018). | ||
| CVE-2018-21054 | Cri | 0.64 | 9.8 | 0.00 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with M(6.0), N(7.x) and O(8.x) except exynos9610/9820 in all Platforms, M(6.0) except MSM8909 SC77xx/9830 exynos3470/5420, N(7.0) except MSM8939, N(7.1) except MSM8996 SDM6xx/M6737T software. There is an integer underflow with a… | ||
| CVE-2018-21052 | Cri | 0.64 | 9.8 | 0.01 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with N(7.x) and O(8.X) (Exynos chipsets) software. There is incorrect usage of shared memory in the vaultkeeper Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2018-12855 (October 2018). | ||
| CVE-2018-21051 | Cri | 0.64 | 9.8 | 0.01 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) (Exynos chipsets) software. There is an invalid free in the fingerprint Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2018-12853 (October 2018). | ||
| CVE-2018-21050 | Cri | 0.64 | 9.8 | 0.01 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with N(7.x) and O(8.X) (Exynos chipsets) software. There is a Buffer overflow in the esecomm Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2018-12852 (October 2018). | ||
| CVE-2018-21049 | Cri | 0.64 | 9.8 | 0.01 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with N(7.x) and O(8.X) (Exynos chipsets) software. There is an arbitrary memory write in a Trustlet because a secure driver allows access to sensitive APIs. The Samsung ID is SVE-2018-12881 (November 2018). | ||
| CVE-2018-21044 | Cri | 0.64 | 9.8 | 0.01 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with N(7.x) and O(8.0) software. The sem Trustlet has a buffer overflow that leads to arbitrary TEE code execution. The Samsung IDs are SVE-2018-13230, SVE-2018-13231, SVE-2018-13232, SVE-2018-13233 (December 2018). | ||
| CVE-2018-21042 | Cri | 0.64 | 9.8 | 0.01 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. Dual Messenger allows installation of an arbitrary APK with resultant privileged code execution. The Samsung ID is SVE-2018-13299 (December 2018). | ||
| CVE-2018-21038 | Cri | 0.64 | 9.8 | 0.01 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with N(7.x) software. The Secure Folder app's startup logic allows authentication bypass. The Samsung ID is SVE-2018-11628 (December 2018). | ||
| CVE-2020-11604 | Cri | 0.59 | 9.1 | 0.00 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (incorporating TEEGRIS) software. There is an Out-of-bounds read in the MLDAP Trustlet. The Samsung ID is SVE-2019-16565 (April 2020). | ||
| CVE-2020-11603 | Cri | 0.64 | 9.8 | 0.01 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (incorporating TEEGRIS) software. Type confusion in the MLDAP Trustlet allows arbitrary code execution. The Samsung ID is SVE-2020-16599 (April 2020). | ||
| CVE-2020-11600 | Cri | 0.64 | 9.8 | 0.01 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with Q(10.0) software. There is arbitrary code execution in the Fingerprint Trustlet via a memory overwrite. The Samsung IDs are SVE-2019-16587, SVE-2019-16588, SVE-2019-16589 (April 2020). | ||
| CVE-2018-21087 | Cri | 0.64 | 9.8 | 0.00 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with L(5.x), M(6.x), and N(7.x) software. There is a vnswap heap-based buffer overflow via the store function, with resultant privilege escalation. The Samsung ID is SVE-2017-10599 (January 2018). | ||
| CVE-2018-21081 | Cri | 0.59 | 9.1 | 0.00 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with N(7.x) software. In Dual Messenger, the second app can use the runtime permissions of the first app without a user's consent. The Samsung ID is SVE-2017-11018 (March 2018). | ||
| CVE-2018-21090 | Cri | 0.64 | 9.8 | 0.01 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with software through 2017-11-03 (S.LSI modem chipsets). The Exynos modem chipset has a baseband buffer overflow. The Samsung ID is SVE-2017-10745 (January 2018). |
- risk 0.65cvss 9.8epss 0.19
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD…
- risk 0.64cvss 9.8epss 0.02
HGiga C&Cmail CCMAILQ before olln-base-6.0-418.i386.rpm and CCMAILN before olln-base-5.0-418.i386.rpm contains insecure configurations. Attackers can exploit these flaws to access unauthorized functionality via a crafted URL.
- risk 0.64cvss 9.8epss 0.01
The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of Unrestricted file upload (RCE) , that would allow attackers to gain access in the hosting machine.
- risk 0.64cvss 9.8epss 0.01
The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of SQL Injection, an attacker can use a union based injection query string to get databases schema and username/password.
- risk 0.54cvss 9.3epss 0.10
Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. Git uses external "credential helper" programs to store and retrieve passwords or other credentials from secure storage provided by the…
- risk 0.64cvss 9.8epss 0.01
SAP Business Objects Business Intelligence Platform (CMC), version 4.1, 4.2, shows cleartext password in the response, leading to Information Disclosure. It involves social engineering in order to gain access to system and If password is known, it would give administrative…
- risk 0.64cvss 9.8epss 0.01
A vulnerability has been identified in TIM 3V-IE (incl. SIPLUS NET variants) (All versions < V2.8), TIM 3V-IE Advanced (incl. SIPLUS NET variants) (All versions < V2.8), TIM 3V-IE DNP3 (incl. SIPLUS NET variants) (All versions < V3.3), TIM 4R-IE (incl. SIPLUS NET variants) (All…
- risk 0.61cvss 9.3epss 0.01
SAP Commerce, versions - 6.6, 6.7, 1808, 1811, 1905, does not process XML input securely in the Rest API from Servlet xyformsweb, leading to Missing XML Validation. This affects confidentiality and availability (partially) of SAP Commerce.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. There is an unauthenticated remote code execution in the com_mb24sysapi module.
- risk 0.64cvss 9.8epss 0.01
The Synergy Systems & Solutions (SSS) HUSKY RTU 6049-E70, with firmware Versions 5.0 and prior, has a Missing Authentication for Critical Function (CWE-306) vulnerability. The affected product does not require authentication for TELNET access, which may allow an attacker to…
- risk 0.64cvss 9.8epss 0.04
An issue was discovered in the Responsive Poll through 1.3.4 for Wordpress. It allows an unauthenticated user to manipulate polls, e.g., delete, clone, or view a hidden poll. This is due to the usage of the callback wp_ajax_nopriv function in Includes/Total-Soft-Poll-Ajax.php…
- risk 0.00cvss 9.8epss 0.04
Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 allows remote attackers to execute arbitrary code via Lua bytecode embedded in an uploaded .crawlrc file.
- risk 0.03cvss 9.8epss 0.34
An issue was discovered in docker-kong (for Kong) through 2.0.3. The admin API port may be accessible on interfaces other than 127.0.0.1. NOTE: The vendor argue that this CVE is not a vulnerability because it has an inaccurate bug scope and patch links. “1) Inaccurate Bug…
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in ProVide (formerly zFTPServer) through 13.1. Privilege escalation can occur via the /ajax/SetUserInfo messages parameter because of the EXECUTE() feature, which is for executing programs when certain events are triggered.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in ProVide (formerly zFTPServer) through 13.1. /ajax/ImportCertificate allows an attacker to load an arbitrary certificate in .pfx format or overwrite arbitrary files via the fileName parameter.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered on Samsung mobile devices with software through 2015-11-12, affecting the Galaxy S6/S6 Edge, Galaxy S6 Edge+, and Galaxy Note5 with the Shannon333 chipset. There is a stack-based buffer overflow in the baseband process that is exploitable for remote code…
- risk 0.64cvss 9.8epss 0.01
An issue was discovered on Samsung mobile devices with KK(4.4) and later software through 2015-05-13. There is a buffer overflow in datablock_write because the amount of received data is not validated. The Samsung ID is SVE-2015-4018 (December 2015).
- risk 0.86cvss 9.8epss 0.90
Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or external Platform Services Controller (PSC), does not correctly implement access controls.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in Avira Free-Antivirus before 15.0.2004.1825. The Self-Protection feature does not prohibit a write operation from an external process. Thus, code injection can be used to turn off this feature. After that, one can construct an event that will modify a…
- risk 0.64cvss 9.8epss 0.01
An attacker could use a specially crafted URL to delete or read files outside the WebAccess/NMS's (versions prior to 3.0.2) control.
- risk 0.64cvss 9.8epss 0.02
WebAccess/NMS (versions prior to 3.0.2) allows an unauthenticated remote user to create a new admin account.
- risk 0.60cvss 9.1epss 0.14
An attacker could use a specially crafted URL to delete files outside the WebAccess/NMS's (versions prior to 3.0.2) control.
- risk 0.64cvss 9.8epss 0.02
Multiple issues exist that allow files to be uploaded and executed on the WebAccess/NMS (versions prior to 3.0.2).
- risk 0.64cvss 9.8epss 0.07
In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.
- risk 0.64cvss 9.8epss 0.02
The factory configuration for vMX installations, as shipped, includes default credentials for the root account. Without proper modification of these default credentials by the administrator, an attacker could exploit these credentials and access the vMX instance without…
- risk 0.65cvss 10.0epss 0.01
A Use of Hard-coded Credentials vulnerability exists in the NFX250 Series for the vSRX Virtual Network Function (VNF) instance, which allows an attacker to take control of the vSRX VNF instance if they have the ability to access an administrative service (e.g. SSH) on the VNF,…
- risk 0.64cvss 9.8epss 0.02
GitLab EE/CE 8.0.rc1 to 12.9 is vulnerable to a blind SSRF in the FogBugz integration.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. The Call+ application can load classes from an unintended path, leading to Code Execution. The Samsung ID is SVE-2017-10886 (April 2018).
- risk 0.64cvss 9.8epss 0.01
An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.0) (Exynos chipsets) software. A kernel driver allows out-of-bounds Read/Write operations and possibly arbitrary code execution. The Samsung ID is SVE-2018-11358 (May 2018).
- risk 0.64cvss 9.8epss 0.01
An issue was discovered on Samsung mobile devices with M(6.0) (Exynos or MediaTek chipsets) software. There is a buffer overflow in a Trustlet that can cause memory corruption. The Samsung ID is SVE-2018-11599 (July 2018).
- risk 0.64cvss 9.8epss 0.00
An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.x) software. There is an integer underflow in eCryptFS because of a missing size check. The Samsung ID is SVE-2017-11855 (August 2018).
- risk 0.64cvss 9.8epss 0.00
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. There is an array overflow in a driver's input booster. The Samsung ID is SVE-2017-11816 (August 2018).
- risk 0.64cvss 9.8epss 0.01
An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.x) (Exynos chipsets) software. Keymaster has an architectural problem because tlApi in TEE is not properly protected. The Samsung ID is SVE-2018-11792 (August 2018).
- risk 0.64cvss 9.8epss 0.00
An issue was discovered on Samsung mobile devices with N(7.0), O(8.0) (exynos7420 or Exynos 8890/8996 chipsets) software. Cache attacks can occur against the Keymaster AES-GCM implementation because T-Tables are used; the Cryptography Extension (CE) is not used. The Samsung ID…
- risk 0.64cvss 9.8epss 0.01
An issue was discovered on Samsung mobile devices with N(7.x) O(8.x, and P(9.0) (Exynos chipsets) software. There is a stack-based buffer overflow in the Shannon Baseband. The Samsung ID is SVE-2018-12757 (September 2018).
- risk 0.64cvss 9.8epss 0.01
An issue was discovered on Samsung mobile devices with N(7.0) (Qualcomm models using MSM8996 chipsets) software. A device can be rooted with a custom image to execute arbitrary scripts in the INIT context. The Samsung ID is SVE-2018-11940 (September 2018).
- risk 0.64cvss 9.8epss 0.00
An issue was discovered on Samsung mobile devices with M(6.0), N(7.x) and O(8.x) except exynos9610/9820 in all Platforms, M(6.0) except MSM8909 SC77xx/9830 exynos3470/5420, N(7.0) except MSM8939, N(7.1) except MSM8996 SDM6xx/M6737T software. There is an integer underflow with a…
- risk 0.64cvss 9.8epss 0.01
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.X) (Exynos chipsets) software. There is incorrect usage of shared memory in the vaultkeeper Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2018-12855 (October 2018).
- risk 0.64cvss 9.8epss 0.01
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) (Exynos chipsets) software. There is an invalid free in the fingerprint Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2018-12853 (October 2018).
- risk 0.64cvss 9.8epss 0.01
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.X) (Exynos chipsets) software. There is a Buffer overflow in the esecomm Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2018-12852 (October 2018).
- risk 0.64cvss 9.8epss 0.01
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.X) (Exynos chipsets) software. There is an arbitrary memory write in a Trustlet because a secure driver allows access to sensitive APIs. The Samsung ID is SVE-2018-12881 (November 2018).
- risk 0.64cvss 9.8epss 0.01
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.0) software. The sem Trustlet has a buffer overflow that leads to arbitrary TEE code execution. The Samsung IDs are SVE-2018-13230, SVE-2018-13231, SVE-2018-13232, SVE-2018-13233 (December 2018).
- risk 0.64cvss 9.8epss 0.01
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. Dual Messenger allows installation of an arbitrary APK with resultant privileged code execution. The Samsung ID is SVE-2018-13299 (December 2018).
- risk 0.64cvss 9.8epss 0.01
An issue was discovered on Samsung mobile devices with N(7.x) software. The Secure Folder app's startup logic allows authentication bypass. The Samsung ID is SVE-2018-11628 (December 2018).
- risk 0.59cvss 9.1epss 0.00
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (incorporating TEEGRIS) software. There is an Out-of-bounds read in the MLDAP Trustlet. The Samsung ID is SVE-2019-16565 (April 2020).
- risk 0.64cvss 9.8epss 0.01
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (incorporating TEEGRIS) software. Type confusion in the MLDAP Trustlet allows arbitrary code execution. The Samsung ID is SVE-2020-16599 (April 2020).
- risk 0.64cvss 9.8epss 0.01
An issue was discovered on Samsung mobile devices with Q(10.0) software. There is arbitrary code execution in the Fingerprint Trustlet via a memory overwrite. The Samsung IDs are SVE-2019-16587, SVE-2019-16588, SVE-2019-16589 (April 2020).
- risk 0.64cvss 9.8epss 0.00
An issue was discovered on Samsung mobile devices with L(5.x), M(6.x), and N(7.x) software. There is a vnswap heap-based buffer overflow via the store function, with resultant privilege escalation. The Samsung ID is SVE-2017-10599 (January 2018).
- risk 0.59cvss 9.1epss 0.00
An issue was discovered on Samsung mobile devices with N(7.x) software. In Dual Messenger, the second app can use the runtime permissions of the first app without a user's consent. The Samsung ID is SVE-2017-11018 (March 2018).
- risk 0.64cvss 9.8epss 0.01
An issue was discovered on Samsung mobile devices with software through 2017-11-03 (S.LSI modem chipsets). The Exynos modem chipset has a baseband buffer overflow. The Samsung ID is SVE-2017-10745 (January 2018).