CVSS: 8.8EPSS: 0%CPEs: 17EXPL: 0CVE-2018-16262
https://notcve.org/view.php?id=CVE-2018-16262
22 Jan 2020 — The pkgmgr system service in Tizen allows an unprivileged process to perform package management actions, due to improper D-Bus security policy configurations. Such actions include installing, decrypting, and killing other packages. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. El servicio de sistema pkgmgr en Tizen permite a un proceso no privilegiado llevar a cabo acciones de administración de paquetes, debido a configuraciones de polític... • https://media.defcon.org/DEF%20CON%2026/DEF%20CON%2026%20presentations/Dongsung%20Kim%20and%20Hyoung%20Kee%20Choi%20-%20Updated/DEFCON-26-Dongsung-Kim-and-Hyoung-Kee-Choi-Your-Watch-Can-Watch-You-Updated.pdf • CWE-269: Improper Privilege Management •
CVSS: 8.1EPSS: 0%CPEs: 17EXPL: 0CVE-2018-16266
https://notcve.org/view.php?id=CVE-2018-16266
22 Jan 2020 — The Enlightenment system service in Tizen allows an unprivileged process to fully control or capture windows, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. El servicio de sistema Enlightenment en Tizen, permite a un proceso no privilegiado controlar o capturar completamente las ventanas, debido a configuraciones de política de seguridad D-Bus inapropiadas. Esto afecta a Tizen versiones ... • https://media.defcon.org/DEF%20CON%2026/DEF%20CON%2026%20presentations/Dongsung%20Kim%20and%20Hyoung%20Kee%20Choi%20-%20Updated/DEFCON-26-Dongsung-Kim-and-Hyoung-Kee-Choi-Your-Watch-Can-Watch-You-Updated.pdf • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2012-6459
https://notcve.org/view.php?id=CVE-2012-6459
01 Jan 2013 — ConnMan 1.3 on Tizen continues to list the bluetooth service after offline mode has been enabled, which might allow remote attackers to obtain sensitive information via Bluetooth packets. ConnMan v1.3 en Tizen sigue enumerando el servicio de bluetooth después que el modo fuera de línea se ha activado, lo que podría permitir a atacantes remotos obtener información sensible a través de paquetes Bluetooth. • https://bugs.tizen.org/jira/browse/TIVI-211 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •