CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2018-21051
https://notcve.org/view.php?id=CVE-2018-21051
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) (Exynos chipsets) software. There is an invalid free in the fingerprint Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2018-12853 (October 2018). Se detectó un problema en dispositivos móviles Samsung con versión de software N(7.x) y O (8.x) (chipsets Exynos). Se presenta una liberación no válida en el Trustlet fingerprint, conllevando a una ejecución de código arbitraria. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2018-21050
https://notcve.org/view.php?id=CVE-2018-21050
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.X) (Exynos chipsets) software. There is a Buffer overflow in the esecomm Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2018-12852 (October 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x) y O(8.x) (chipsets Exynos). Se presenta un desbordamiento del Búfer en el Trustlet esecomm, conllevando a una ejecución de código arbitraria. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-21060
https://notcve.org/view.php?id=CVE-2018-21060
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. There is a Keyboard learned words leak in the locked state via the emergency contact picker. The Samsung IDs are SVE-2018-11989, SVE-2018-11990 (September 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x) y O(8.x). Se presenta una fuga de palabras aprendidas del Keyboard en el estado bloqueado por medio del selector de contactos de emergencia. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2018-21049
https://notcve.org/view.php?id=CVE-2018-21049
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.X) (Exynos chipsets) software. There is an arbitrary memory write in a Trustlet because a secure driver allows access to sensitive APIs. The Samsung ID is SVE-2018-12881 (November 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x) y O(8.x) (chipsets Exynos). Se presenta una escritura de memoria arbitraria en un Trustlet porque un controlador seguro permite el acceso a las API confidenciales. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2018-21061
https://notcve.org/view.php?id=CVE-2018-21061
An issue was discovered on Samsung mobile devices with N(7.1) and O(8.x) software. A fake charger can execute critical functions in the locked state. The Samsung ID is SVE-2016-6341 (August 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.1) y O(8.x). Un cargador falso puede ejecutar funciones críticas en el estado bloqueado. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-276: Incorrect Default Permissions •