Lucene search
K

522 matches found

NVD
NVD
added 2018/09/21 2:29 p.m.23 views

CVE-2018-3873

An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 128 bytes. An attacker can send an arbitrarily long...

9.9CVSS9.7AI score0.01804EPSS
Exploits2References1
NVD
NVD
added 2018/09/21 2:29 p.m.21 views

CVE-2018-3876

An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 64 bytes. An attacker can send an arbitrarily long "bucket"...

9.9CVSS9.2AI score0.01871EPSS
Exploits2References1
Prion
Prion
added 2018/09/21 2:29 p.m.14 views

Buffer overflow

An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 32 bytes. An attacker can send an arbitrarily long...

9CVSS9.6AI score0.01802EPSS
Exploits2References1Affected Software1
NVD
NVD
added 2018/09/21 2:29 p.m.21 views

CVE-2018-3874

An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 32 bytes. An attacker can send an arbitrarily long...

9.9CVSS9.7AI score0.01802EPSS
Exploits2References1
Prion
Prion
added 2018/09/21 2:29 p.m.14 views

Buffer overflow

An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 128 bytes. An attacker can send an arbitrarily long...

9CVSS9.6AI score0.01804EPSS
Exploits2References1Affected Software1
Prion
Prion
added 2018/09/21 2:29 p.m.18 views

Buffer overflow

An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 64 bytes. An attacker can send an arbitrarily long "bucket"...

9CVSS9.1AI score0.01871EPSS
Exploits2References1Affected Software1
OSV
OSV
added 2018/09/21 2:29 p.m.4 views

CVE-2018-3876

An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 64 bytes. An attacker can send an arbitrarily long "bucket"...

8.8CVSS6.1AI score0.01871EPSS
Exploits2References1
OSV
OSV
added 2018/09/21 2:29 p.m.6 views

CVE-2018-3874

An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 32 bytes. An attacker can send an arbitrarily long...

9.9CVSS6.1AI score0.01802EPSS
Exploits2References1
NVD
NVD
added 2018/09/21 2:29 p.m.21 views

CVE-2018-3877

An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 160 bytes. An attacker can send an arbitrarily long...

9.9CVSS9.7AI score0.01804EPSS
Exploits2References1
Prion
Prion
added 2018/09/21 2:29 p.m.18 views

Buffer overflow

An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 160 bytes. An attacker can send an arbitrarily long...

9CVSS9.6AI score0.01804EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2018/09/21 2:0 p.m.61 views

CVE-2018-3876

The CVE-2018-3876 issue affects Samsung SmartThings Hub STH-ETH-250, Firmware 0.20.17, via the video-core HTTP server in the credentials handler. The vulnerability arises from a buffer overflow caused by copying a user-controlled JSON parameter (bucket) using strncpy with a destination buffer of ...

9.9CVSS9.1AI score0.01871EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2018/09/21 2:0 p.m.55 views

CVE-2018-3873

Samsung SmartThings Hub (STH-ETH-250) firmware 0.20.17 uses the video-core HTTP server where the credentials handler copies user-controlled JSON values with strncpy into a stack buffer (128 bytes). The bug allows an arbitrarily long value in keys such as "secretKey" (and related fields) to overfl...

9.9CVSS9.5AI score0.01804EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2018/09/21 2:0 p.m.24 views

CVE-2018-3873

An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 128 bytes. An attacker can send an arbitrarily long...

9.9CVSS9.7AI score0.01804EPSS
Exploits2References1
Cvelist
Cvelist
added 2018/09/21 2:0 p.m.20 views

CVE-2018-3874

An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 32 bytes. An attacker can send an arbitrarily long...

9.9CVSS9.7AI score0.01802EPSS
Exploits2References1
CVE
CVE
added 2018/09/21 2:0 p.m.54 views

CVE-2018-3877

The advisory notes CVE-2018-3877 affects Samsung SmartThings Hub STH-ETH-250 with firmware 0.20.17, where video-core’s HTTP server credentials handler copies JSON parameter values using strncpy into a stack buffer sized 160 bytes. The source data (e.g., the directory field) is user controlled, an...

9.9CVSS9.5AI score0.01804EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2018/09/21 2:0 p.m.59 views

CVE-2018-3874

CVE-2018-3874 (Samsung SmartThings Hub STH-ETH-250) : The video-core HTTP server credentials handler accepts a JSON payload and copies parameters using strncpy into a 32-byte stack buffer. The length is taken from the source string itself, which is user-controlled, enabling a stack-based buffer o...

9.9CVSS9.5AI score0.01802EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2018/09/21 2:0 p.m.21 views

CVE-2018-3877

An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 160 bytes. An attacker can send an arbitrarily long...

9.9CVSS9.7AI score0.01804EPSS
Exploits2References1
Cvelist
Cvelist
added 2018/09/21 2:0 p.m.25 views

CVE-2018-3876

An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 64 bytes. An attacker can send an arbitrarily long "bucket"...

9.9CVSS9.2AI score0.01871EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2018/09/21 12:0 a.m.3 views

PT-2018-16305 · Samsung · Samsung Smartthings Hub

Name of the Vulnerable Software and Affected Versions: Samsung SmartThings Hub STH-ETH-250 version 0.20.17 Description: A stack-based buffer overflow issue exists in the video-core HTTP server due to the retrieval of database fields. Specifically, the strcpy call overflows a destination buffer of...

7.5CVSS7.1AI score0.00398EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2018/09/21 12:0 a.m.3 views

PT-2018-16307 · Samsung · Samsung Smartthings Hub

Name of the Vulnerable Software and Affected Versions: Samsung SmartThings Hub STH-ETH-250 version 0.20.17 Description: A stack-based buffer overflow issue exists in the video-core HTTP server due to the retrieval of database fields. Specifically, the strcpy call overflows a destination buffer of...

8.2CVSS7.7AI score0.00397EPSS
Exploits2References2
Rows per page
Query Builder