|
249181
|
7.2 |
HIGH
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with N(7.x) software. An attacker can boot a device with root privileges because the bootloader for the Qualcomm MSM8998 chipset lacks an integrity c…
|
CWE-354
Improper Validation of Integrity Check Value
|
CVE-2017-18649
|
2024-11-21 12:20 |
2020-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249182
|
9.1 |
CRITICAL
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with KK(4.4.x), L(5.x), M(6.x), and N(7.x) software. Arbitrary file read/write operations can occur in the locked state via a crafted MTP command. Th…
|
CWE-20
Improper Input Validation
|
CVE-2017-18648
|
2024-11-21 12:20 |
2020-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249183
|
8.1 |
HIGH
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with M(6,x) and N(7.0) software. The TA Scrypto v1.0 implementation in Secure Driver has a race condition with a resultant buffer overflow. The Samsu…
|
CWE-362
Race Condition
|
CVE-2017-18647
|
2024-11-21 12:20 |
2020-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249184
|
9.8 |
CRITICAL
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (Exynos7420, Exynos8890, or MSM8996 chipsets) software. RKP allows memory corruption. The Samsung ID is SVE-2016-7897 (January…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-18696
|
2024-11-21 12:20 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249185
|
6.5 |
MEDIUM
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) software. Attackers (who control a certain subdomain) can discover a user's credentials, during an email…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2017-18695
|
2024-11-21 12:20 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249186
|
5.3 |
MEDIUM
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with software through 2016-10-25 (Exynos5 chipsets). Attackers can read kernel addresses in the log because an incorrect format specifier is used. Th…
|
CWE-200
Information Exposure
|
CVE-2017-18694
|
2024-11-21 12:20 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249187
|
9.8 |
CRITICAL
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) software. There is a buffer overflow in the fps sysfs entry. The Samsung ID is SVE-2016-7510 (January 20…
|
CWE-120
Classic Buffer Overflow
|
CVE-2017-18693
|
2024-11-21 12:20 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249188
|
8.1 |
HIGH
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (MSM8939, MSM8996, MSM8998, Exynos7580, Exynos8890, or Exynos8895 chipsets) software. There is a race condition, with a result…
|
CWE-362
Race Condition
|
CVE-2017-18692
|
2024-11-21 12:20 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249189
|
6.5 |
MEDIUM
Adjacent
|
syska
|
smartlight_rainbow_led_smart_bulb_firmware
|
Syska Smart Bulb devices through 2017-08-06 receive RGB parameters over cleartext Bluetooth Low Energy (BLE), leading to sniffing, reverse engineering, and replay attacks.
|
CWE-200
Information Exposure
|
CVE-2017-18642
|
2024-11-21 12:20 |
2020-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249190
|
8.1 |
HIGH
Network
|
linuxcontainers
|
lxc
|
In LXC 2.0, many template scripts download code over cleartext HTTP, and omit a digital-signature check, before running it to bootstrap containers.
|
CWE-287
Improper Authentication
|
CVE-2017-18641
|
2024-11-21 12:20 |
2020-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
