156 matches found
CVE-2021-25434
Improper input validation vulnerability in Tizen bootloader prior to Firmware update JUL-2021 Release allows arbitrary code execution using param partition in wireless firmware download mode...
CVE-2021-25436
Improper input validation vulnerability in Tizen FOTA service prior to Firmware update JUL-2021 Release allows arbitrary code execution via Samsung Accessory Protocol...
CVE-2021-25435
Improper input validation vulnerability in Tizen bootloader prior to Firmware update JUL-2021 Release allows arbitrary code execution using recovery partition in wireless firmware download mode...
CVE-2021-25424
Improper authentication vulnerability in Tizen bluetooth-frwk prior to Firmware update JUN-2021 Release allows bluetooth attacker to take over the user's bluetooth device without user awareness...
CVE-2021-22684
Tizen RT RTOS version 3.0.GBB is vulnerable to integer wrap-around in functionscalloc and mmzalloc. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash...
CVE-2018-16272
The wpasupplicant system service in Samsung Galaxy Gear series allows an unprivileged process to fully control the Wi-Fi interface, due to the lack of its D-Bus security policy configurations. This affects Tizen-based firmwares including Samsung Galaxy Gear series before build RE2...
CVE-2018-16267
The system-popup system service in Tizen allows an unprivileged process to perform popup-related system actions, due to improper D-Bus security policy configurations. Such actions include the triggering system poweroff menu, and prompting a popup with arbitrary strings. This affects Tizen before...
CVE-2018-16268
The SoundServer/FocusServer system services in Tizen allow an unprivileged process to perform media-related system actions, due to improper D-Bus security policy configurations. Such actions include playing an arbitrary sound file or DTMF tones. This affects Tizen before 5.0 M1, and Tizen-based...
CVE-2018-16262
The pkgmgr system service in Tizen allows an unprivileged process to perform package management actions, due to improper D-Bus security policy configurations. Such actions include installing, decrypting, and killing other packages. This affects Tizen before 5.0 M1, and Tizen-based firmwares...
CVE-2018-16271
The wemailconsumerservice from the built-in application wemail in Samsung Galaxy Gear series allows an unprivileged process to manipulate a user's mailbox, due to improper D-Bus security policy configurations. An arbitrary email can also be sent from the mailbox via the paired smartphone. This...
CVE-2018-16264
The BlueZ system service in Tizen allows an unprivileged process to partially control Bluetooth or acquire sensitive information, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2...
CVE-2018-16269
The wnoti system service in Samsung Galaxy Gear series allows an unprivileged process to take over the internal notification message data, due to improper D-Bus security policy configurations. This affects Tizen-based firmwares including Samsung Galaxy Gear series before build RE2...
CVE-2018-16265
The bt/btcore system service in Tizen allows an unprivileged process to create a system user interface and control the Bluetooth pairing process, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series...
CVE-2018-16266
The Enlightenment system service in Tizen allows an unprivileged process to fully control or capture windows, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2...
CVE-2012-6459
ConnMan 1.3 on Tizen continues to list the bluetooth service after offline mode has been enabled, which might allow remote attackers to obtain sensitive information via Bluetooth packets...
CVE-2018-16263
The PulseAudio system service in Tizen allows an unprivileged process to control its A2DP MediaEndpoint, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2...
Android Buffer Overflow in WhatsApp (CVE-2019-3568)
Binary data androidcve-2019-18426.nbin...
docs.tizen.org Cross Site Scripting vulnerability OBB-3813278
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
The vulnerability in the implementation of the calloc() and mm_zalloc() functions in the Tizen RT operating systems allows a hacker to cause a service failure.
The vulnerability of the calloc and mmzalloc functions in Tizen RT operating systems is related to integer overflow. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
CVE-2021-22684
Tizen RT RTOS version 3.0.GBB is vulnerable to integer wrap-around in functionscalloc and mmzalloc. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash...