CVE-2018-21045
https://notcve.org/view.php?id=CVE-2018-21045
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. There is Clipboard access in the lockscreen state via a copy-and-paste action. The Samsung ID is SVE-2018-13381 (December 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x) y O(8.x). Se presenta un acceso al Clipboard en el estado de pantalla de bloqueo mediante una acción copiar y pegar. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2018-21044
https://notcve.org/view.php?id=CVE-2018-21044
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.0) software. The sem Trustlet has a buffer overflow that leads to arbitrary TEE code execution. The Samsung IDs are SVE-2018-13230, SVE-2018-13231, SVE-2018-13232, SVE-2018-13233 (December 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x) y O(8.0). El Trustlet sem presenta un desbordamiento de búfer que conlleva a una ejecución de código TEE arbitraria. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2018-21042
https://notcve.org/view.php?id=CVE-2018-21042
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. Dual Messenger allows installation of an arbitrary APK with resultant privileged code execution. The Samsung ID is SVE-2018-13299 (December 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x), O(8.x) y P(9.0). Dual Messenger permite la instalación de un APK arbitrario con una ejecución de código privilegiada resultante. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-862: Missing Authorization •
CVE-2018-21078
https://notcve.org/view.php?id=CVE-2018-21078
An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.0) software. The Contacts application allows attackers to originate video calls because SS (Supplementary Service) and USSD (Unstructured Supplementary Service Data) codes are improperly secured. The Samsung ID is SVE-2018-11469 (April 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software M(6.0), N(7.x) y O(8.0). La aplicación Contacts permite a atacantes originar videollamadas porque los códigos SS (Supplementary Service) y USSD (Unstructured Supplementary Service Data) están asegurados inapropiadamente. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-20: Improper Input Validation •
CVE-2018-21079
https://notcve.org/view.php?id=CVE-2018-21079
An issue was discovered on Samsung mobile devices with L(5.x), M(6.0), N(7.x), and O(8.0) software. There is a kernel pointer leak in the USB gadget driver. The Samsung ID is SVE-2017-10993 (March 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software L(5.x), M(6.0), N(7.x) y O(8.0). Se presenta una fuga del puntero del kernel en el controlador del gadget USB. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-401: Missing Release of Memory after Effective Lifetime •