VYPR

CVEs

31,277 total · page 444 of 626

  • CVE-2019-20607CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (MSM8996, MSM8998, Exynos7420, Exynos7870, Exynos8890, and Exynos8895 chipsets) software. A heap overflow in the keymaster Trustlet allows attackers to write to TEE memory, and achieve arbitrary…

  • CVE-2019-20606CriMar 24, 2020
    risk 0.60cvss 9.3epss 0.00

    An issue was discovered on Samsung mobile devices with any (before May 2019) software. A phishing attack against OMACP can change the network and internet settings. The Samsung ID is SVE-2019-14073 (May 2019).

  • CVE-2019-20605CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. A heap overflow occurs for baseband in the Shannon modem. The Samsung ID is SVE-2019-14071 (May 2019).

  • CVE-2019-20597CriMar 24, 2020
    risk 0.59cvss 9.1epss 0.00

    An issue was discovered on Samsung mobile devices with N(7.1), O(8.x), and P(9.0) software. SPENgesture allows arbitrary applications to read or modify user-input logs. The Samsung ID is SVE-2019-14170 (June 2019).

  • CVE-2019-20596CriMar 24, 2020
    risk 0.59cvss 9.1epss 0.00

    An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) (Exynos chipsets) software. There is information disclosure in the GateKeeper Trustlet. The Samsung ID is SVE-2019-13958 (June 2019).

  • CVE-2019-20590CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered on Samsung mobile devices with O(8.x) (Qualcomm chipsets) software. There is an integer underflow in the Secure Storage Trustlet. The Samsung ID is SVE-2019-13952 (July 2019).

  • CVE-2019-20576CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered on Samsung mobile devices with P(9.0) software. The MemorySaver Content Provider allows SQL injection. The Samsung ID is SVE-2019-14365 (August 2019).

  • CVE-2020-6989CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.03

    In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, a buffer overflow in the web server allows remote attackers to cause a denial-of-service condition or execute arbitrary code.

  • CVE-2019-20589CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. There is type confusion in the SKPM Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14892 (August 2019).

  • CVE-2019-20588CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. There is type confusion in the SEM Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14891 (August 2019).

  • CVE-2019-20587CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on Samsung mobile devices with O(8.1) and P(9.0) (with TEEGRIS) software. There is type confusion in the MLDAP Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14867 (August 2019).

  • CVE-2019-20586CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on Samsung mobile devices with O(8.1) and P(9.0) (with TEEGRIS) software. There is type confusion in the FINGERPRINT Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14864 (August 2019).

  • CVE-2019-20585CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. There is type confusion in the SEC_FR Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14851 (August 2019).

  • CVE-2019-20584CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. There is type confusion in the HDCP Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14850 (August 2019).

  • CVE-2019-20583CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. There is type confusion in the EXT_FR Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14847 (August 2019).

  • CVE-2019-20582CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) devices (Exynos9810 chipsets) software. There is a use after free in the ion driver. The Samsung ID is SVE-2019-14837 (August 2019).

  • CVE-2019-20581CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. A stack overflow in the HDCP Trustlet causes arbitrary code execution. The Samsung ID is SVE-2019-14665 (August 2019).

  • CVE-2019-20578CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered on Samsung mobile devices with P(9.0) (Exynos 9820 chipsets) software. A Buffer overflow occurs when loading the UH Partition during Secure Boot. The Samsung ID is SVE-2019-14412 (August 2019).

  • CVE-2019-20572CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered on Samsung mobile devices with O(8.1) and P(9.0) (Exynos chipsets) software. load_kernel has a buffer overflow via untrusted data. The Samsung ID is SVE-2019-14939 (September 2019).

  • CVE-2019-20571CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on Samsung mobile devices with O(8.x) (with TEEGRIS) software. There is type confusion in the WVDRM Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14885 (September 2019).

  • CVE-2019-20567CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. A up_parm heap overflow leads to code execution in the bootloader. The Samsung ID is SVE-2019-14993 (September 2019).

  • CVE-2019-20566CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on Samsung mobile devices with any (before September 2019 for SMP1300 Exynos modem chipsets) software. Attackers can trigger stack corruption in the Shannon modem via a crafted RP-Originator/Destination address. The Samsung ID is SVE-2019-14858 (September…

  • CVE-2019-20563CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. The SEC_FR trustlet has an out of bounds write. The Samsung ID is SVE-2019-15272 (October 2019).

  • CVE-2019-20562CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered on Samsung mobile devices with P(9.0) (with TEEGRIS) software. There is a buffer overflow in the BIOSUB Trustlet. The Samsung ID is SVE-2019-15264 (October 2019).

  • CVE-2019-20561CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. The bootloader has an integer signedness error. The Samsung ID is SVE-2019-15230 (October 2019).

  • CVE-2019-20560CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. The BIOSUB Trustlet has an out of bounds write. The Samsung ID is SVE-2019-15261 (October 2019).

  • CVE-2019-20558CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. There is a Buffer Overflow in the Touch Screen Driver. The Samsung ID is SVE-2019-14990 (October 2019).

  • CVE-2019-20556CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered on Samsung mobile devices with P(9.0) (SM6150, SM8150, SM8150_FUSION, exynos7885, exynos9610, and exynos9820 chipsets) software. RKP memory corruption allows attackers to control the effective address in EL2. The Samsung ID is SVE-2019-15221 (October…

  • CVE-2019-20553CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered on Samsung mobile devices with P(9.0) (SM6150, SM8150, SM8150_FUSION, exynos7885, exynos9610, and exynos9820 chipsets) software. Arbitrary memory read and write operations can occur in RKP. The Samsung ID is SVE-2019-15143 (October 2019).

  • CVE-2019-20549CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Broadcom chipsets) software. A heap out-of-bounds access can occur during LE Packet reception in Broadcom Bluetooth. The Samsung ID is SVE-2019-15724 (November 2019).

  • CVE-2019-20548CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered on Samsung mobile devices with P(9.0) devices (Qualcomm chipsets) software. There is a buffer overflow in the bootloader. The Samsung ID is SVE-2019-15399 (November 2019).

  • CVE-2020-10850CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. The secure bootloade has a buffer overflow of the USB buffer, leading to arbitrary code execution. The Samsung ID is SVE-2019-15872 (January 2020).

  • CVE-2020-10849CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos7885, Exynos8895, and Exynos9810 chipsets) software. The Gatekeeper trustlet allows a brute-force attack on the screen lock password. The Samsung ID is SVE-2019-14575 (January 2020).

  • CVE-2020-10848CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos 9810 chipsets) software. Arbitrary memory mapping exists in TEE. The Samsung ID is SVE-2019-16665 (February 2020).

  • CVE-2020-10837CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (with TEEGRIS) software. The Esecomm Trustlet allows a stack overflow and arbitrary code execution. The Samsung ID is SVE-2019-15984 (February 2020).

  • CVE-2020-10836CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. The Widevine Trustlet allows read and write operations on arbitrary memory locations. The Samsung ID is SVE-2019-15873 (February 2020).

  • CVE-2020-10835CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on Samsung mobile devices with any (before February 2020 for Exynos modem chipsets) software. There is a buffer overflow in baseband CP message decoding. The Samsung IDs are SVE-2019-15816 and SVE-2019-15817 (February 2020).

  • CVE-2019-20545CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (Exynos chipsets) software. A buffer overflow in the HDCP Trustlet affects secure TEEGRIS memory. The Samsung ID is SVE-2019-15283 (November 2019).

  • CVE-2019-20544CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (Exynos chipsets) software. There is an out-of-bounds write in the ICCC Trustlet. The Samsung ID is SVE-2019-15274 (November 2019).

  • CVE-2019-20537CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on Samsung mobile devices with P(9.0) (TEEGRIS and Qualcomm chipsets). There is arbitrary memory overwrite in the SEM Trustlet, leading to arbitrary code execution. The Samsung IDs are SVE-2019-14651, SVE-2019-14666 (November 2019).

  • CVE-2019-20536CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered on Samsung mobile devices with N(7.1), O(8.x), and P(9.0) (released in China) software. The Firewall application mishandles the PermissionWhiteLists protection mechanism. The Samsung ID is SVE-2019-14299 (November 2019).

  • CVE-2019-20530CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered on Samsung mobile devices with N(7.1), O(8.x), P(9.0), and Q(10.0) software. Arbitrary code execution is possible on the lock screen. The Samsung ID is SVE-2019-15266 (December 2019).

  • CVE-2020-6972CriMar 24, 2020
    risk 0.59cvss 9.1epss 0.01

    In Notifier Web Server (NWS) Version 3.50 and earlier, the Honeywell Fire Web Server’s authentication may be bypassed by a capture-replay attack from a web browser.

  • CVE-2020-10938CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.05

    GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c.

  • CVE-2020-1747CriMar 24, 2020
    risk 0.57cvss 9.8epss 0.05

    A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process…

  • CVE-2020-1944CriMar 23, 2020
    risk 0.64cvss 9.8epss 0.03

    There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8.0.5 with a smuggling attack and Transfer-Encoding and Content length headers. Upgrade to versions 7.1.9 and 8.0.6 or later versions.

  • CVE-2020-10879CriMar 23, 2020
    risk 0.73cvss 9.8epss 0.84

    rConfig before 3.9.5 allows command injection by sending a crafted GET request to lib/crud/search.crud.php since the nodeId parameter is passed directly to the exec function without being escaped.

  • CVE-2019-17565CriMar 23, 2020
    risk 0.64cvss 9.8epss 0.03

    There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8.0.5 with a smuggling attack and chunked encoding. Upgrade to versions 7.1.9 and 8.0.6 or later versions.

  • CVE-2019-17559CriMar 23, 2020
    risk 0.64cvss 9.8epss 0.03

    There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8.0.5 with a smuggling attack and scheme parsing. Upgrade to versions 7.1.9 and 8.0.6 or later versions.

  • CVE-2020-8868CriMar 23, 2020
    risk 0.64cvss 9.8epss 0.09

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest Foglight Evolve 9.0.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the __service__ user account. The product contains a…