CVSS: 8.1EPSS: 0%CPEs: 8EXPL: 0CVE-2017-18692
https://notcve.org/view.php?id=CVE-2017-18692
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (MSM8939, MSM8996, MSM8998, Exynos7580, Exynos8890, or Exynos8895 chipsets) software. There is a race condition, with a resultant buffer overflow, in the sec_ts touchscreen sysfs interface. The Samsung ID is SVE-2016-7501 (January 2017). Se detectó un problema en dispositivos móviles Samsung con versiones de software M(6.0) y N(7.0) (MSM8939, MSM8996, MSM8998, Exynos7580, Exynos8890 o Exynos8895). Se presenta una condición de carrera, con un desbordamiento del búfer resultante, en la interfaz sysfs de la pantalla táctil de sec_ts. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2017-18693
https://notcve.org/view.php?id=CVE-2017-18693
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) software. There is a buffer overflow in the fps sysfs entry. The Samsung ID is SVE-2016-7510 (January 2017). Se detectó un problema en dispositivos móviles Samsung con versiones de software KK(4.4), L(5.0/5.1), M(6.0) y N(7.0). Se presenta un desbordamiento de búfer en la entrada fps sysfs. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2017-18695
https://notcve.org/view.php?id=CVE-2017-18695
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) software. Attackers (who control a certain subdomain) can discover a user's credentials, during an email account login, via an EAS autodiscover packet. The Samsung ID is SVE-2016-7654 (January 2017). Se detectó un problema en dispositivos móviles Samsung con versiones de software KK(4.4), L(5.0/5.1), M(6.0), y N(7.0). Los atacantes (que controlan un determinado subdominio) pueden detectar las credenciales de un usuario, durante el inicio de sesión de una cuenta de correo electrónico, por medio de un paquete de autodetección EAS. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-522: Insufficiently Protected Credentials •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2017-18696
https://notcve.org/view.php?id=CVE-2017-18696
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (Exynos7420, Exynos8890, or MSM8996 chipsets) software. RKP allows memory corruption. The Samsung ID is SVE-2016-7897 (January 2017). Se detectó un problema en dispositivos móviles Samsung con versiones de software M(6.0) y N(7.0) (Exynos7420, Exynos8890 o MSM8996). RKP permite una corrupción de la memoria. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2016-11029
https://notcve.org/view.php?id=CVE-2016-11029
An issue was discovered on Samsung mobile devices with L(5.0/5.1), M(6.0), and N(7.0) software. Attackers can read the password of the Mobile Hotspot in the log because of an unprotected intent. The Samsung ID is SVE-2016-7301 (December 2016). Se detectó un problema en dispositivos móviles Samsung con versiones de software L(5.0/5.1), M(6.0) y N(7.0). Los atacantes pueden leer la contraseña del Mobile Hotspot en el registro debido a un intent desprotegido. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-522: Insufficiently Protected Credentials •