Filtered by vendor Samsung
Subscriptions
Total
1110 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2018-16267 | 2 Linux, Samsung | 2 Tizen, Galaxy Gear | 2024-11-21 | 8.1 High |
The system-popup system service in Tizen allows an unprivileged process to perform popup-related system actions, due to improper D-Bus security policy configurations. Such actions include the triggering system poweroff menu, and prompting a popup with arbitrary strings. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | ||||
CVE-2018-16266 | 2 Linux, Samsung | 2 Tizen, Galaxy Gear | 2024-11-21 | 8.1 High |
The Enlightenment system service in Tizen allows an unprivileged process to fully control or capture windows, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | ||||
CVE-2018-16265 | 2 Linux, Samsung | 2 Tizen, Galaxy Gear | 2024-11-21 | 6.5 Medium |
The bt/bt_core system service in Tizen allows an unprivileged process to create a system user interface and control the Bluetooth pairing process, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | ||||
CVE-2018-16264 | 2 Linux, Samsung | 2 Tizen, Galaxy Gear | 2024-11-21 | 6.5 Medium |
The BlueZ system service in Tizen allows an unprivileged process to partially control Bluetooth or acquire sensitive information, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | ||||
CVE-2018-16263 | 2 Linux, Samsung | 2 Tizen, Galaxy Gear | 2024-11-21 | 8.8 High |
The PulseAudio system service in Tizen allows an unprivileged process to control its A2DP MediaEndpoint, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | ||||
CVE-2018-16262 | 2 Linux, Samsung | 2 Tizen, Galaxy Gear | 2024-11-21 | 8.8 High |
The pkgmgr system service in Tizen allows an unprivileged process to perform package management actions, due to improper D-Bus security policy configurations. Such actions include installing, decrypting, and killing other packages. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | ||||
CVE-2018-14908 | 1 Samsung | 1 Syncthru Web Service | 2024-11-21 | N/A |
Samsung Syncthru Web Service V4.05.61 is vulnerable to CSRF on every request, as demonstrated by sws.application/printinformation/printReportSetupView.sws for a "Print emails sent" action. | ||||
CVE-2018-14904 | 1 Samsung | 1 Syncthru Web Service | 2024-11-21 | N/A |
Samsung Syncthru Web Service V4.05.61 is vulnerable to Multiple unauthenticated XSS attacks on several parameters, as demonstrated by ruiFw_pid. | ||||
CVE-2018-14856 | 1 Samsung | 2 Galaxy S6, Galaxy S6 Firmware | 2024-11-21 | N/A |
Buffer overflow in dhd_bus_flow_ring_create_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allow an attacker (who has obtained code execution on the Wi-Fi) chip to cause the device driver to perform invalid memory accesses. The Samsung ID is SVE-2018-11785. | ||||
CVE-2018-14855 | 1 Samsung | 2 Galaxy S6, Galaxy S6 Firmware | 2024-11-21 | N/A |
Buffer overflow in dhd_bus_flow_ring_flush_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 allow an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device driver to perform invalid memory accesses. The Samsung ID is SVE-2018-11785. | ||||
CVE-2018-14854 | 1 Samsung | 2 Galaxy S6, Galaxy S6 Firmware | 2024-11-21 | N/A |
Buffer overflow in dhd_bus_flow_ring_delete_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allow an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device driver to perform invalid memory accesses. The Samsung ID is SVE-2018-11785. | ||||
CVE-2018-14853 | 1 Samsung | 2 Galaxy S6, Galaxy S6 Firmware | 2024-11-21 | N/A |
A NULL pointer dereference in dhd_prot_txdata_write_flush in drivers/net/wireless/bcmdhd4358/dhd_msgbuf.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device to reboot. The Samsung ID is SVE-2018-11783. | ||||
CVE-2018-14852 | 1 Samsung | 2 Galaxy S6, Galaxy S6 Firmware | 2024-11-21 | N/A |
Out-of-bounds array access in dhd_rx_frame in drivers/net/wireless/bcmdhd4358/dhd_linux.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to cause invalid accesses to operating system memory due to improper validation of the network interface index provided by the Wi-Fi chip's firmware. | ||||
CVE-2018-14745 | 1 Samsung | 2 Galaxy S6, Galaxy S6 Firmware | 2024-11-21 | N/A |
Buffer overflow in prot_get_ring_space in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to overwrite kernel memory due to improper validation of the ring buffer read pointer. The Samsung ID is SVE-2018-12029. | ||||
CVE-2018-14318 | 1 Samsung | 2 Galaxy S8, Galaxy S8 Firmware | 2024-11-21 | N/A |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S8 G950FXXU1AQL5. User interaction is required to exploit this vulnerability in that the target must have their cellular radios enabled. The specific flaw exists within the handling of IPCP headers. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of the baseband processor. Was ZDI-CAN-5368. | ||||
CVE-2018-12038 | 1 Samsung | 2 840 Evo, 840 Evo Firmware | 2024-11-21 | N/A |
An issue was discovered on Samsung 840 EVO devices. Vendor-specific commands may allow access to the disk-encryption key. | ||||
CVE-2018-12037 | 2 Micron, Samsung | 14 Crucial Mx100, Crucial Mx100 Firmware, Crucial Mx200 and 11 more | 2024-11-21 | N/A |
An issue was discovered on Samsung 840 EVO and 850 EVO devices (only in "ATA high" mode, not vulnerable in "TCG" or "ATA max" mode), Samsung T3 and T5 portable drives, and Crucial MX100, MX200 and MX300 devices. Absence of a cryptographic link between the password and the Disk Encryption Key allows attackers with privileged access to SSD firmware full access to encrypted data. | ||||
CVE-2018-11689 | 2 Hanwha-security, Samsung | 19 Hrd-1641, Hrd-1641 Firmware, Hrd-1642 and 16 more | 2024-11-21 | 6.1 Medium |
Web Viewer for Hanwha DVR 2.17 and Smart Viewer in Samsung Web Viewer for Samsung DVR are vulnerable to XSS via the /cgi-bin/webviewer_login_page data3 parameter. (The same Web Viewer codebase was transitioned from Samsung to Hanwha.) | ||||
CVE-2018-11614 | 1 Samsung | 1 Samsung Members | 2024-11-21 | N/A |
This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Samsung Members Fixed in version 2.4.25. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of Intents. The issue lies in the ability to send an Intent that would not otherwise be reachable. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5361. | ||||
CVE-2018-10751 | 1 Samsung | 1 Samsung Mobile | 2024-11-21 | N/A |
A malformed OMACP WAP push message can cause memory corruption on a Samsung S7 Edge device when processing the String Extension portion of the WbXml payload. This is due to an integer overflow in memory allocation for this string. The Samsung ID is SVE-2018-11463. |