CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0CVE-2019-20621
https://notcve.org/view.php?id=CVE-2019-20621
24 Mar 2020 — An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. There is a baseband heap overflow. The Samsung ID is SVE-2018-13187 (February 2019). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x), O(8.x) y P(9.0) (chipsets Exynos). Se presenta un desbordamiento de pila (heap) de la banda base. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0CVE-2019-20616
https://notcve.org/view.php?id=CVE-2019-20616
24 Mar 2020 — An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. Gallery leaks a thumbnail of Private Mode content. The Samsung ID is SVE-2018-13563 (March 2019). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x) y O(8.x). Gallery filtra una miniatura del contenido del Private Mode. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.6EPSS: 0%CPEs: 6EXPL: 0CVE-2019-20615
https://notcve.org/view.php?id=CVE-2019-20615
24 Mar 2020 — An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. Attackers can bypass Factory Reset Protection (FRP) via SVoice T&C. The Samsung ID is SVE-2018-13547 (March 2019). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x) y O(8.x). Los atacantes pueden omitir la Factory Reset Protection (FRP) por medio de SVoice T&C. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2019-20614
https://notcve.org/view.php?id=CVE-2019-20614
24 Mar 2020 — An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. Allshare allows attackers to access sensitive information. The Samsung ID is SVE-2018-13453 (March 2019). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x), O(8.x) y P(9.0). Allshare permite a atacantes acceder a información confidencial. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-862: Missing Authorization •
CVSS: 8.1EPSS: 0%CPEs: 6EXPL: 0CVE-2019-20613
https://notcve.org/view.php?id=CVE-2019-20613
24 Mar 2020 — An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. There is time-based SQL injection in Contacts. The Samsung ID is SVE-2018-13452 (March 2019). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x) y O(8.x). Se presenta una inyección SQL basada en tiempo en Contacts. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-20612
https://notcve.org/view.php?id=CVE-2019-20612
24 Mar 2020 — An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) (Broadcom Wi-Fi, and SEC Wi-Fi chipsets) software. Wi-Fi allows a denial of service via TCP SYN packets. The Samsung ID is SVE-2018-13162 (March 2019). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x) y O(8.x) (chipsets Broadcom Wi-Fi y SEC Wi-Fi). Wi-Fi permite una denegación de servicio por medio de paquetes TCP SYN. • https://security.samsungmobile.com/securityUpdate.smsb •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0CVE-2019-20611
https://notcve.org/view.php?id=CVE-2019-20611
24 Mar 2020 — An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), Go(8.1), P(9.0), and Go(9.0) (Exynos chipsets) software. A baseband stack overflow leads to arbitrary code execution. The Samsung ID is SVE-2019-13963 (April 2019). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x), O(8.x), Go(8.1), P(9.0) y Go(9.0) (chipsets Exynos). Un desbordamiento de pila (stack) de la banda base conlleva a una ejecución de código arbitrario. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 13EXPL: 0CVE-2019-20610
https://notcve.org/view.php?id=CVE-2019-20610
24 Mar 2020 — An issue was discovered on Samsung mobile devices with N(7.X) and O(8.X) (Exynos 7570, 7870, 7880, 7885, 8890, 8895, and 9810 chipsets) software. A double-fetch vulnerability in Trustlet allows arbitrary TEE code execution. The Samsung ID is SVE-2019-13910 (April 2019). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.X) y O(8.X) (Exynos 7570, 7870, 7880, 7885, 8890, 8895 y 9810). Una vulnerabilidad de doble extracción en Trustlet permite una ejecución arbitraria de códig... • https://security.samsungmobile.com/securityUpdate.smsb • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2019-20608
https://notcve.org/view.php?id=CVE-2019-20608
24 Mar 2020 — An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. An attacker can use Emergency mode to disable features. The Samsung IDs are SVE-2018-13164, SVE-2018-13165 (April 2019). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x), O(8.x) y P(9.0). Un atacante puede usar el modo Emergency para deshabilitar las funciones. • https://security.samsungmobile.com/securityUpdate.smsb •
CVSS: 10.0EPSS: 0%CPEs: 13EXPL: 0CVE-2019-20607
https://notcve.org/view.php?id=CVE-2019-20607
24 Mar 2020 — An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (MSM8996, MSM8998, Exynos7420, Exynos7870, Exynos8890, and Exynos8895 chipsets) software. A heap overflow in the keymaster Trustlet allows attackers to write to TEE memory, and achieve arbitrary code execution. The Samsung ID is SVE-2019-14126 (May 2019). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x), O(8.x) y P(9.0) (MSM8996, MSM8998, Exynos7420, Exynos7870, Exynos8890 y Exynos8895). ... • https://security.samsungmobile.com/securityUpdate.smsb • CWE-787: Out-of-bounds Write •