CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2018-21072
https://notcve.org/view.php?id=CVE-2018-21072
An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.0) (Exynos chipsets) software. A kernel driver allows out-of-bounds Read/Write operations and possibly arbitrary code execution. The Samsung ID is SVE-2018-11358 (May 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software M(6.0), N(7.x) y O(8.0) (chipsets Exynos). Un controlador del kernel permite operaciones de Lectura y Escritura fuera de límites y posiblemente una ejecución de código arbitraria. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2018-21074
https://notcve.org/view.php?id=CVE-2018-21074
An issue was discovered on Samsung mobile devices with M(6.x) (Exynos or Qualcomm chipsets) software. There is information disclosure from a Trustlet via the debug log. The Samsung ID is SVE-2017-10638 (April 2018). Se detectó un problema en dispositivos móviles Samsung con versión de software M(6.x) (chipsets Exynos o Qualcomm). Se presenta una divulgación de información desde un Trustlet por medio del registro de depuración. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 2.4EPSS: 0%CPEs: 6EXPL: 0CVE-2018-21077
https://notcve.org/view.php?id=CVE-2018-21077
An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.x) software. There is a Clipboard content disclosure in the locked state because the keyboard may be used during an emergency call. The Samsung ID is SVE-2017-11107 (April 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software M(6.0), N(7.x) y O(8.x). Se presenta una divulgación de contenido del Clipboard en el estado bloqueado porque el teclado puede ser usado durante una llamada de emergencia. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-21078
https://notcve.org/view.php?id=CVE-2018-21078
An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.0) software. The Contacts application allows attackers to originate video calls because SS (Supplementary Service) and USSD (Unstructured Supplementary Service Data) codes are improperly secured. The Samsung ID is SVE-2018-11469 (April 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software M(6.0), N(7.x) y O(8.0). La aplicación Contacts permite a atacantes originar videollamadas porque los códigos SS (Supplementary Service) y USSD (Unstructured Supplementary Service Data) están asegurados inapropiadamente. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0CVE-2018-21079
https://notcve.org/view.php?id=CVE-2018-21079
An issue was discovered on Samsung mobile devices with L(5.x), M(6.0), N(7.x), and O(8.0) software. There is a kernel pointer leak in the USB gadget driver. The Samsung ID is SVE-2017-10993 (March 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software L(5.x), M(6.0), N(7.x) y O(8.0). Se presenta una fuga del puntero del kernel en el controlador del gadget USB. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-401: Missing Release of Memory after Effective Lifetime •