CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-10852
https://notcve.org/view.php?id=CVE-2020-10852
24 Mar 2020 — An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. There is a stack overflow in display driver. The Samsung ID is SVE-2019-15877 (January 2020). Se detectó un problema en dispositivos móviles Samsung con versiones de software O(8.x), P(9.0) y Q(10.0). Se presenta un desbordamiento de pila (stack) en el controlador de pantalla. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2020-10850
https://notcve.org/view.php?id=CVE-2020-10850
24 Mar 2020 — An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. The secure bootloade has a buffer overflow of the USB buffer, leading to arbitrary code execution. The Samsung ID is SVE-2019-15872 (January 2020). Se detectó un problema en dispositivos móviles Samsung con versiones de software O(8.x), P(9.0) y Q(10.0) (chipsets Exynos). El cargador de arranque seguro presenta un desbordamiento de búfer del búfer USB, conllevando a una ejecución de código arbitrar... • https://security.samsungmobile.com/securityUpdate.smsb • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2020-10849
https://notcve.org/view.php?id=CVE-2020-10849
24 Mar 2020 — An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos7885, Exynos8895, and Exynos9810 chipsets) software. The Gatekeeper trustlet allows a brute-force attack on the screen lock password. The Samsung ID is SVE-2019-14575 (January 2020). Se detectó un problema en dispositivos móviles Samsung con versiones de software O(8.x), P(9.0) y Q(10.0) (Exynos7885, Exynos8895 y Exynos9810). El Gatekeeper trustlet permite un ataque de fuerza bruta en la contraseña de bloqueo de pantal... • https://security.samsungmobile.com/securityUpdate.smsb • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2020-10848
https://notcve.org/view.php?id=CVE-2020-10848
24 Mar 2020 — An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos 9810 chipsets) software. Arbitrary memory mapping exists in TEE. The Samsung ID is SVE-2019-16665 (February 2020). Se detectó un problema en dispositivos móviles Samsung con versiones de software O(8.x), P(9.0) y Q(10.0) (chipsets Exynos 9810). Se presenta una asignación de memoria arbitraria en TEE. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0CVE-2020-10845
https://notcve.org/view.php?id=CVE-2020-10845
24 Mar 2020 — An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. There is a race condition leading to a use-after-free in MTP. The Samsung ID is SVE-2019-16520 (February 2020). Se detectó un problema en dispositivos móviles Samsung con versiones de software O(8.x), P(9.0) y Q(10.0). Se presenta una condición de carrera conllevando a un uso de la memoria previamente liberada en MTP. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2020-10844
https://notcve.org/view.php?id=CVE-2020-10844
24 Mar 2020 — An issue was discovered on Samsung mobile devices with O(8.x), P(9.x), and Q(10.0) software. There is an out-of-bounds read vulnerability in media.audio_policy. The Samsung ID is SVE-2019-16333 (February 2020). Se detectó un problema en dispositivos móviles Samsung con versiones de software O(8.x), P(9.x) y Q(10.0). Se presenta una vulnerabilidad de lectura fuera de límites en media.audio_policy. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-125: Out-of-bounds Read •
CVSS: 7.0EPSS: 0%CPEs: 4EXPL: 0CVE-2020-10843
https://notcve.org/view.php?id=CVE-2020-10843
24 Mar 2020 — An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (S.LSI chipsets) software. There are race conditions in the hdcp2 driver. The Samsung ID is SVE-2019-16296 (February 2020). Se detectó un problema en dispositivos móviles Samsung con versiones de software O(8.x), P(9.0) y Q(10.0) (chipsets S.LSI). Se presenta condiciones de carrera en el controlador hdcp2. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-10842
https://notcve.org/view.php?id=CVE-2020-10842
24 Mar 2020 — An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (S.LSI chipsets) software. There is a heap out-of-bounds write in the tsmux driver. The Samsung ID is SVE-2019-16295 (February 2020). Se detectó un problema en dispositivos móviles Samsung con versiones de software O(8.x), P(9.0) y Q(10.0) (chipsets S.LSI). Se presenta una escritura fuera de los límites de la pila en el controlador tsmux. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-10839
https://notcve.org/view.php?id=CVE-2020-10839
24 Mar 2020 — An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Attackers can bypass Factory Reset Protection (FRP) via a SIM card. The Samsung ID is SVE-2019-16193 (February 2020). Se detectó un problema en dispositivos móviles Samsung con versiones de software O(8.x), P(9.0) y Q(10.0). Los atacantes pueden omitir la Factory Reset Protection (FRP) por medio de una tarjeta SIM. • https://security.samsungmobile.com/securityUpdate.smsb •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-10836
https://notcve.org/view.php?id=CVE-2020-10836
24 Mar 2020 — An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. The Widevine Trustlet allows read and write operations on arbitrary memory locations. The Samsung ID is SVE-2019-15873 (February 2020). Se detectó un problema en dispositivos móviles Samsung con versiones de software O(8.x), P(9.0) y Q(10.0) (chipsets Exynos). El Widevine Trustlet permite operaciones de lectura y escritura en ubicaciones de memoria arbitrarias. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •