Page 27 of 1801 results (0.006 seconds)

CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0

An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. WapService allows unconfirmed configuration changes via a modified OMACP message. The LG ID is LVE-SMP-190006 (August 2019). Se descubrió un problema en los dispositivos móviles LG con el software del Sistema Operativo Android versiones 7.0, 7.1, 7.2, 8.0, 8.1 y 9.0. WapService permite cambios de configuración no confirmados por medio de un mensaje OMACP modificado. • https://lgsecurity.lge.com •

CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered on Samsung mobile devices with KK(4.4) and later software through 2015-06-16. In some cases, HTTP is used for an Inputmethod, rather than HTTPS. A man-in-the-middle attacker can modify the client-server data stream to insert directory traversal sequences into an extracted file path. The Samsung ID is SVE-2015-4363 (November 2015). Se detectó un problema en dispositivos móviles Samsung con versiones de software KK(4.4) y posteriores hasta el 16-06-2015. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

An issue was discovered on Samsung mobile devices with JBP(4.3) and KK(4.4.2) software. Because the READ_LOGS permission is mishandled, sensitive information is disclosed in a world-readable copy of the log file if the error message is "Unhandled exception in Dalvik VM," "Application not responding ANR event," or "Crash on an application's native code." The Samsung ID is SVE-2015-2885 (October 2015). Se detectó un problema en dispositivos móviles Samsung con versiones de software JBP(4.3) y KK(4.4.2). Debido a que el permiso READ_LOGS se maneja inapropiadamente, la información confidencial es divulgada en una copia de tipo world-readable del archivo de registro si el mensaje de error es "Unhandled exception in Dalvik VM," "Application not responding ANR event," o "Crash on an application's native code." • https://security.samsungmobile.com/securityUpdate.smsb • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered on Samsung mobile devices with KK(4.4) and later software through 2015-05-13. There is a buffer overflow in datablock_write because the amount of received data is not validated. The Samsung ID is SVE-2015-4018 (December 2015). Se detectó un problema en dispositivos móviles Samsung con versiones de software KK(4.4) y posteriores hasta 13-05-2015. Se presenta un desbordamiento del búfer en datablock_write porque la cantidad de datos recibidos no es validada. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0

An issue was discovered on Samsung mobile devices with N(7.0) (Qualcomm models using MSM8996 chipsets) software. A device can be rooted with a custom image to execute arbitrary scripts in the INIT context. The Samsung ID is SVE-2018-11940 (September 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.0) (modelos Qualcomm que usan chipsets MSM8996). Un dispositivo puede ser rooteado con una imagen personalizada para ejecutar scripts arbitrarios en el contexto INIT. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-20: Improper Input Validation •