CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2017-18696
https://notcve.org/view.php?id=CVE-2017-18696
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (Exynos7420, Exynos8890, or MSM8996 chipsets) software. RKP allows memory corruption. The Samsung ID is SVE-2016-7897 (January 2017). Se detectó un problema en dispositivos móviles Samsung con versiones de software M(6.0) y N(7.0) (Exynos7420, Exynos8890 o MSM8996). RKP permite una corrupción de la memoria. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2016-11026
https://notcve.org/view.php?id=CVE-2016-11026
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. BootReceiver allows attackers to trigger a system crash because of incorrect exception handling. The Samsung ID is SVE-2016-7118 (December 2016). Se detectó un problema en dispositivos móviles Samsung con versiones de software KK(4.4), L(5.0/5.1) y M(6.0). BootReceiver permite a atacantes activar un bloqueo del sistema debido al manejo incorrecto de excepciones. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 2.4EPSS: 0%CPEs: 1EXPL: 0CVE-2016-11027
https://notcve.org/view.php?id=CVE-2016-11027
An issue was discovered on Samsung mobile devices with M(6.0) software. In the Shade Locked state, a physically proximate attacker can read notifications on the lock screen. The Samsung ID is SVE-2016-7132 (December 2016). Se detectó un problema en dispositivos móviles Samsung con versión de software M(6.0). En el estado Shade Locked, un atacante físicamente próximo puede leer notificaciones en la pantalla de bloqueo. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2016-11029
https://notcve.org/view.php?id=CVE-2016-11029
An issue was discovered on Samsung mobile devices with L(5.0/5.1), M(6.0), and N(7.0) software. Attackers can read the password of the Mobile Hotspot in the log because of an unprotected intent. The Samsung ID is SVE-2016-7301 (December 2016). Se detectó un problema en dispositivos móviles Samsung con versiones de software L(5.0/5.1), M(6.0) y N(7.0). Los atacantes pueden leer la contraseña del Mobile Hotspot en el registro debido a un intent desprotegido. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-522: Insufficiently Protected Credentials •
CVSS: 8.1EPSS: 0%CPEs: 4EXPL: 0CVE-2016-11030
https://notcve.org/view.php?id=CVE-2016-11030
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) (with Hrm sensor support) software. The sysfs of the MAX86902 sensor driver does not prevent concurrent access, leading to a race condition and resultant heap-based buffer overflow. The Samsung ID is SVE-2016-7341 (December 2016). Se detectó un problema en dispositivos móviles Samsung con versiones de software KK(4.4), L(5.0/5.1) y M(6.0) (con soporte de sensor Hrm). El sysfs del controlador del sensor MAX86902 no impide el acceso concurrente, conllevando una condición de carrera y un desbordamiento del búfer en la región heap de la memoria resultante. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-787: Out-of-bounds Write •