122 matches found
Code injection
An issue was discovered on Samsung mobile devices with P9.0 Exynos chipsets software. The MALI GPU Driver allows a kernel panic. The Samsung ID is SVE-2019-14372 August 2019...
Heap overflow
An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 Exynos chipsets software. A upparm heap overflow leads to code execution in the bootloader. The Samsung ID is SVE-2019-14993 September 2019...
Integer overflow
An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 Exynos chipsets software. The bootloader has an integer signedness error. The Samsung ID is SVE-2019-15230 October 2019...
Buffer overflow
An issue was discovered on Samsung mobile devices with P9.0 devices Qualcomm chipsets software. There is a buffer overflow in the bootloader. The Samsung ID is SVE-2019-15399 November 2019...
Sql injection
An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 software. There is local SQL injection in the Wi-Fi history Content Provider. The Samsung ID is SVE-2019-14061 August 2019...
Out-of-bounds
An issue was discovered on Samsung mobile devices with O8.x and P9.0 with TEEGRIS software. The BIOSUB Trustlet has an out of bounds write. The Samsung ID is SVE-2019-15261 October 2019...
Design/Logic Flaw
An issue was discovered on Samsung mobile devices with P9.0 software. Gallery allows viewing of photos on the lock screen. The Samsung ID is SVE-2019-15055 October 2019...
CVE-2019-20600
CVE-2019-20600 affects Samsung mobile devices running O(8.0) and P(9.0) on Exynos8890 systems. The issue is a use-after-free in the MALI GPU driver. Affected component: Mali GPU driver in affected Samsung devices; root cause: use-after-free vulnerability. The provided documents do not specify the...
CVE-2019-20595
CVE-2019-20595 concerns Samsung mobile devices running P(9.0) where the Quick Panel can enable or disable the Bluetooth stack without authentication. Affected: Samsung mobile devices with P(9.0) software (as cited in the CVE records). Root cause: an insecure Quick Panel action allows state change...
CVE-2019-20595
An issue was discovered on Samsung mobile devices with P9.0 software. Quick Panel allows enabling or disabling the Bluetooth stack without authentication. The Samsung ID is SVE-2019-14545 July 2019...
CVE-2019-20594
Affected software/hardware: Samsung mobile devices with O(8.1) and P(9.0) on Exynos chipsets. Vulnerability: a heap overflow in the bootloader. Root cause: heap overflow in bootloader code (unspecified module) leading to potential impact on device integrity. Impact: Partial to high in CVSS terms ...
CVE-2019-20591
An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 software. There is local SQL injection in the Gear VR Service Content Provider. The Samsung ID is SVE-2019-14058 July 2019...
CVE-2019-20587
CVE-2019-20587 corresponds to a type-confusion vulnerability in Samsung mobile devices running O(8.1) and P(9.0) with TEEGRIS. The issue is in the MLDAP Trustlet, enabling arbitrary code execution due to a type confusion flaw. Samsung ID: SVE-2019-14867 (August 2019). Connected sources (Red Hat, ...
CVE-2019-20586
CVE-2019-20586 affects Samsung mobile devices running O(8.1) and P(9.0) with TEEGRIS. Root cause is a type confusion in the FINGERPRINT Trustlet, enabling arbitrary code execution. Exploitation details are not provided in the available documents, and no public patch/version fix is specified; one ...
CVE-2019-20586
An issue was discovered on Samsung mobile devices with O8.1 and P9.0 with TEEGRIS software. There is type confusion in the FINGERPRINT Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14864 August 2019...
CVE-2019-20585
The CVE-2019-20585 issue affects Samsung mobile devices running O(8.x) and P(9.0) with TEEGRIS. Root cause: type confusion in the SEC_FR Trustlet that permits arbitrary code execution. Affected component: SEC_FR Trustlet on Samsung devices; Samsung ID SVE-2019-14851. No concrete remediation or ex...
CVE-2019-20584
Samsung mobile devices running O(8.x) and P(9.0) with TEEGRIS are affected by a type-confusion in the HDCP Trustlet, enabling arbitrary code execution. Root cause: type confusion within the HDCP Trustlet component. Impact, as reflected in CVE records, is high/critical (CVE-2019-20584) with potent...
CVE-2019-20580
This CVE concerns Samsung mobile devices running P(9.0). The Motion photo player is able to bypass the Secure Folder feature to view images, constituting an information disclosure vulnerability. Affected software/hardware: Samsung mobile devices with P(9.0). Vulnerable component: Motion photo pla...
CVE-2019-20577
CVE-2019-20577 affects Samsung mobile devices running P(9.0) on Exynos chipsets, where the Mali GPU driver can cause a kernel panic. The issue is documented across multiple sources (NVD, Red Hat RH:CVE-2019-20577, CVE records) with Samsung’s internal reference SVE-2019-14372 (August 2019). Public...
CVE-2019-20572
CVE-2019-20572 describes a buffer overflow in the load_kernel path on Samsung mobile devices with Exynos chips running O(8.1) and P(9.0). The issue is triggered by untrusted data and is documented across multiple feeds (NVD entry and Red Hat/CVE references) under the Samsung ID SVE-2019-14939. Th...