CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2018-21044
https://notcve.org/view.php?id=CVE-2018-21044
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.0) software. The sem Trustlet has a buffer overflow that leads to arbitrary TEE code execution. The Samsung IDs are SVE-2018-13230, SVE-2018-13231, SVE-2018-13232, SVE-2018-13233 (December 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x) y O(8.0). El Trustlet sem presenta un desbordamiento de búfer que conlleva a una ejecución de código TEE arbitraria. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2018-21042
https://notcve.org/view.php?id=CVE-2018-21042
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. Dual Messenger allows installation of an arbitrary APK with resultant privileged code execution. The Samsung ID is SVE-2018-13299 (December 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x), O(8.x) y P(9.0). Dual Messenger permite la instalación de un APK arbitrario con una ejecución de código privilegiada resultante. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-862: Missing Authorization •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-21078
https://notcve.org/view.php?id=CVE-2018-21078
An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.0) software. The Contacts application allows attackers to originate video calls because SS (Supplementary Service) and USSD (Unstructured Supplementary Service Data) codes are improperly secured. The Samsung ID is SVE-2018-11469 (April 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software M(6.0), N(7.x) y O(8.0). La aplicación Contacts permite a atacantes originar videollamadas porque los códigos SS (Supplementary Service) y USSD (Unstructured Supplementary Service Data) están asegurados inapropiadamente. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0CVE-2018-21079
https://notcve.org/view.php?id=CVE-2018-21079
An issue was discovered on Samsung mobile devices with L(5.x), M(6.0), N(7.x), and O(8.0) software. There is a kernel pointer leak in the USB gadget driver. The Samsung ID is SVE-2017-10993 (March 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software L(5.x), M(6.0), N(7.x) y O(8.0). Se presenta una fuga del puntero del kernel en el controlador del gadget USB. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-21083
https://notcve.org/view.php?id=CVE-2018-21083
An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.0) (Exynos or Qualcomm chipsets) software. There is information disclosure (of a kernel address) via trustonic_tee. The Samsung ID is SVE-2017-11175 (February 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software M(6.0), N(7.x) y O(8.0) (chipsets Exynos o Qualcomm). Se presenta una divulgación de información (de una dirección del kernel) por medio de trustonic_tee. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •