Lucene search
K

522 matches found

Cvelist
Cvelist
added 2018/09/10 8:0 p.m.21 views

CVE-2018-3875

An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the...

9.9CVSS9.7AI score0.01534EPSS
Exploits2References1
CVE
CVE
added 2018/09/10 8:0 p.m.48 views

CVE-2018-3875

CVE-2018-3875 affects Samsung SmartThings Hub STH-ETH-250 (Firmware 0.20.17) where the video-core HTTP server’s credentials handler copies user-controlled JSON fields via strncpy, overflowing a 2000-byte stack buffer when copying the sessionToken. The vulnerability arises because the destination ...

9.9CVSS9.6AI score0.01534EPSS
Exploits2References1Affected Software1
Prion
Prion
added 2018/09/10 7:29 p.m.12 views

Buffer overflow

An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the...

9CVSS9.6AI score0.01534EPSS
Exploits2References1Affected Software1
OSV
OSV
added 2018/09/10 7:29 p.m.4 views

CVE-2018-3875

An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the...

9.9CVSS6.1AI score0.01534EPSS
Exploits2References1
NVD
NVD
added 2018/09/10 7:29 p.m.19 views

CVE-2018-3875

An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the...

9.9CVSS9.7AI score0.01534EPSS
Exploits2References1
OSV
OSV
added 2018/09/10 3:29 p.m.4 views

CVE-2018-3897

An exploitable buffer overflow vulnerabilities exist in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub with Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the...

8.8CVSS6.1AI score0.01534EPSS
Exploits2References1
OSV
OSV
added 2018/09/10 3:29 p.m.2 views

CVE-2018-3896

An exploitable buffer overflow vulnerabilities exist in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub with Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the...

8.8CVSS6.1AI score0.01534EPSS
Exploits2References1
NVD
NVD
added 2018/09/10 3:29 p.m.20 views

CVE-2018-3897

An exploitable buffer overflow vulnerabilities exist in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub with Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the...

9.9CVSS9.5AI score0.01534EPSS
Exploits2References1
NVD
NVD
added 2018/09/10 3:29 p.m.18 views

CVE-2018-3896

An exploitable buffer overflow vulnerabilities exist in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub with Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the...

9.9CVSS9.5AI score0.01534EPSS
Exploits2References1
Prion
Prion
added 2018/09/10 3:29 p.m.17 views

Buffer overflow

An exploitable buffer overflow vulnerabilities exist in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub with Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the...

9CVSS9AI score0.01534EPSS
Exploits2References1Affected Software1
Prion
Prion
added 2018/09/10 3:29 p.m.14 views

Buffer overflow

An exploitable buffer overflow vulnerabilities exist in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub with Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the...

9CVSS9AI score0.01534EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2018/09/10 3:0 p.m.20 views

CVE-2018-3897

An exploitable buffer overflow vulnerabilities exist in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub with Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the...

9.9CVSS9.1AI score0.01534EPSS
Exploits2References1
Cvelist
Cvelist
added 2018/09/10 3:0 p.m.23 views

CVE-2018-3896

An exploitable buffer overflow vulnerabilities exist in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub with Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the...

9.9CVSS9.1AI score0.01534EPSS
Exploits2References1
CVE
CVE
added 2018/09/10 3:0 p.m.68 views

CVE-2018-3897

CVE-2018-3897 affects Samsung SmartThings Hub (STH-ETH-250) firmware 0.20.17. The vulnerability is a stack-buffer overflow in video-core’s HTTP server: a user-controlled JSON parameter (callbackUrl) is copied with strncpy into a 52-byte buffer, enabling potential code execution. Multiple connecte...

9.9CVSS9AI score0.01534EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2018/09/10 3:0 p.m.63 views

CVE-2018-3896

Summary of CVE-2018-3896 (Samsung SmartThings Hub): The vulnerability exists in the video-core HTTP server’s /cameras/XXXX/clips handler. The root cause is a stack-based buffer overflow caused by copying user-controlled JSON fields (notably correlationId) into a fixed-size 52-byte buffer via strn...

9.9CVSS9AI score0.01534EPSS
Exploits2References1Affected Software1
Positive Technologies
Positive Technologies
added 2018/09/10 12:0 a.m.4 views

PT-2018-16290 · Samsung · Samsung Smartthings Hub

Name of the Vulnerable Software and Affected Versions: Samsung SmartThings Hub version 0.20.17 Description: A buffer overflow issue exists in the /cameras/XXXX/clips handler of the video-core's HTTP server. The video-core process incorrectly handles user-controlled JSON payloads, leading to a...

9.9CVSS9.4AI score0.01534EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2018/09/10 12:0 a.m.5 views

PT-2018-16268 · Samsung · Samsung Smartthings Hub

Name of the Vulnerable Software and Affected Versions: Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17 Description: A buffer overflow issue exists in the credentials handler of the video-core's HTTP server. The video-core process incorrectly handles fields from a user-controlled JSON...

9.9CVSS9.7AI score0.01534EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2018/09/10 12:0 a.m.3 views

PT-2018-16289 · Samsung · Samsung Smartthings Hub

Name of the Vulnerable Software and Affected Versions: Samsung SmartThings Hub version 0.20.17 Description: A buffer overflow issue exists in the /cameras/XXXX/clips handler of the video-core's HTTP server. The video-core process incorrectly handles user-controlled JSON payloads, leading to a...

9.9CVSS9.3AI score0.01534EPSS
Exploits2References3
CNVD
CNVD
added 2018/08/30 12:0 a.m.2 views

Samsung SmartThings Hub STH-ETH-250 video-core HTTP server injection vulnerability

Samsung SmartThings Hub is a smart home management device from Samsung, South Korea. video-core HTTP server is one of the HTTP servers. A security vulnerability exists in the REST parser of the video-core HTTP server in the Samsung SmartThings Hub STH-ETH-250 using firmware version 0.20.17, which...

9.1CVSS8.5AI score0.01251EPSS
Exploits3References1
CNVD
CNVD
added 2018/08/29 12:0 a.m.1 views

Samsung SmartThings Hub Buffer Overflow Vulnerability

Samsung SmartThings Hub is a smart home management device from Samsung, South Korea. video-core HTTP server is one of the HTTP servers. A buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of the video-core HTTP server in Samsung SmartThings Hub STH-ETH-250 using firmware...

9.9CVSS9.5AI score0.01804EPSS
Exploits2References1
Rows per page
Query Builder