Filtered by vendor Linux
Subscriptions
Filtered by product Tizen
Subscriptions
Total
13 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2012-6459 | 2 Intel, Linux | 2 Connman, Tizen | 2024-09-17 | N/A |
ConnMan 1.3 on Tizen continues to list the bluetooth service after offline mode has been enabled, which might allow remote attackers to obtain sensitive information via Bluetooth packets. | ||||
CVE-2018-16262 | 2 Linux, Samsung | 2 Tizen, Galaxy Gear | 2024-08-05 | 8.8 High |
The pkgmgr system service in Tizen allows an unprivileged process to perform package management actions, due to improper D-Bus security policy configurations. Such actions include installing, decrypting, and killing other packages. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | ||||
CVE-2018-16263 | 2 Linux, Samsung | 2 Tizen, Galaxy Gear | 2024-08-05 | 8.8 High |
The PulseAudio system service in Tizen allows an unprivileged process to control its A2DP MediaEndpoint, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | ||||
CVE-2018-16267 | 2 Linux, Samsung | 2 Tizen, Galaxy Gear | 2024-08-05 | 8.1 High |
The system-popup system service in Tizen allows an unprivileged process to perform popup-related system actions, due to improper D-Bus security policy configurations. Such actions include the triggering system poweroff menu, and prompting a popup with arbitrary strings. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | ||||
CVE-2018-16268 | 2 Linux, Samsung | 2 Tizen, Galaxy Gear | 2024-08-05 | 4.3 Medium |
The SoundServer/FocusServer system services in Tizen allow an unprivileged process to perform media-related system actions, due to improper D-Bus security policy configurations. Such actions include playing an arbitrary sound file or DTMF tones. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | ||||
CVE-2018-16265 | 2 Linux, Samsung | 2 Tizen, Galaxy Gear | 2024-08-05 | 6.5 Medium |
The bt/bt_core system service in Tizen allows an unprivileged process to create a system user interface and control the Bluetooth pairing process, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | ||||
CVE-2018-16266 | 2 Linux, Samsung | 2 Tizen, Galaxy Gear | 2024-08-05 | 8.1 High |
The Enlightenment system service in Tizen allows an unprivileged process to fully control or capture windows, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | ||||
CVE-2018-16264 | 2 Linux, Samsung | 2 Tizen, Galaxy Gear | 2024-08-05 | 6.5 Medium |
The BlueZ system service in Tizen allows an unprivileged process to partially control Bluetooth or acquire sensitive information, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | ||||
CVE-2021-25435 | 1 Linux | 1 Tizen | 2024-08-03 | 9.8 Critical |
Improper input validation vulnerability in Tizen bootloader prior to Firmware update JUL-2021 Release allows arbitrary code execution using recovery partition in wireless firmware download mode. | ||||
CVE-2021-25436 | 1 Linux | 1 Tizen | 2024-08-03 | 9.8 Critical |
Improper input validation vulnerability in Tizen FOTA service prior to Firmware update JUL-2021 Release allows arbitrary code execution via Samsung Accessory Protocol. | ||||
CVE-2021-25437 | 1 Linux | 1 Tizen | 2024-08-03 | 9.8 Critical |
Improper access control vulnerability in Tizen FOTA service prior to Firmware update JUL-2021 Release allows attackers to arbitrary code execution by replacing FOTA update file. | ||||
CVE-2021-25434 | 1 Linux | 1 Tizen | 2024-08-03 | 9.8 Critical |
Improper input validation vulnerability in Tizen bootloader prior to Firmware update JUL-2021 Release allows arbitrary code execution using param partition in wireless firmware download mode. | ||||
CVE-2021-25433 | 1 Linux | 1 Tizen | 2024-08-03 | 5.5 Medium |
Improper authorization vulnerability in Tizen factory reset policy prior to Firmware update JUL-2021 Release allows untrusted applications to perform factory reset using dbus signal. |
Page 1 of 1.