NotCVE - vendor:"Samsung" product:"Galaxy S8 Firmware"

3 results (0.003 seconds)

CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0

CVE-2019-16401

https://notcve.org/view.php?id=CVE-2019-16401

06 Nov 2019 — Samsung Galaxy S8 plus (Android version: 8.0.0, Build Number: R16NW.G955USQU5CRG3, Baseband Vendor: Qualcomm Snapdragon 835, Baseband: G955USQU5CRG3), Samsung Galaxy S3 (Android version: 4.3, Build Number: JSS15J.I9300XXUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: I9300XXUGNA8), and Samsung Galaxy Note 2 (Android version: 4.3, Build Number: JSS15J.I9300XUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: N7100DDUFND1) devices allow injection of AT+CIMI and AT+CGSN over Bluetooth, leaking sensit... • https://www.openconf.org/acsac2019/modules/request.php?module=oc_program&action=summary.php&id=210 •

CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0

CVE-2019-16400

https://notcve.org/view.php?id=CVE-2019-16400

06 Nov 2019 — Samsung Galaxy S8 plus (Android version: 8.0.0, Build Number: R16NW.G955USQU5CRG3, Baseband Vendor: Qualcomm Snapdragon 835, Baseband: G955USQU5CRG3), Samsung Galaxy S3 (Android version: 4.3, Build Number: JSS15J.I9300XXUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: I9300XXUGNA8), and Samsung Galaxy Note 2 (Android version: 4.3, Build Number: JSS15J.I9300XUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: N7100DDUFND1) devices allow attackers to send AT commands over Bluetooth, resulting in seve... • https://www.openconf.org/acsac2019/modules/request.php?module=oc_program&action=summary.php&id=210 •

CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 0

CVE-2018-14318 – (Pwn2own) Samsung Galaxy S8 Shannon GPRS Stack-based Buffer Overflow Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2018-14318

21 Sep 2018 — This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S8 G950FXXU1AQL5. User interaction is required to exploit this vulnerability in that the target must have their cellular radios enabled. The specific flaw exists within the handling of IPCP headers. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, stack-based buffer. An attacker can leverage this vulnerability to exe... • https://zerodayinitiative.com/advisories/ZDI-18-1077 • CWE-20: Improper Input Validation CWE-121: Stack-based Buffer Overflow •