Security Vulnerabilities - CVEs Published In April 2020
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) software. An attacker can obtain the full pathnames of sdcard files by reading the system protected log upon reception of a certain intent. The Samsung ID is SVE-2016-7183 (January 2017).
CVSS Score
5.3
EPSS Score
0.001
Published
2020-04-07
An issue was discovered on Samsung mobile devices with L(5.1), M(6.0), and N(7.0) software. There is an information disclosure (of memory locations outside a buffer) via /dev/dsm_ctrl_dev. The Samsung ID is SVE-2016-7340 (January 2017).
CVSS Score
7.5
EPSS Score
0.001
Published
2020-04-07
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (Exynos5433, Exynos7420, or Exynos7870 chipsets) software. An attacker can bypass a ko (aka Kernel Module) signature by modifying the count of kernel modules. The Samsung ID is SVE-2016-7466 (January 2017).
CVSS Score
7.5
EPSS Score
0.0
Published
2020-04-07
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) (Exynos54xx, Exynos7420, Exynos8890, or Exynos8895 chipsets) software. There is a buffer overflow in the sensor hub. The Samsung ID is SVE-2016-7484 (January 2017).
CVSS Score
9.8
EPSS Score
0.002
Published
2020-04-07
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (Exynos8890 chipsets) software. There are multiple Buffer Overflows in TSP sysfs cmd_store. The Samsung ID is SVE-2016-7500 (January 2017).
CVSS Score
9.8
EPSS Score
0.002
Published
2020-04-07
HCL AppScan Standard is vulnerable to XML External Entity Injection (XXE) attack when processing XML data
CVSS Score
8.2
EPSS Score
0.005
Published
2020-04-07
HCL AppScan Standard is vulnerable to excessive authorization attempts
CVSS Score
9.8
EPSS Score
0.004
Published
2020-04-07
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. There is a NULL pointer exception in PersonManager, causing memory corruption. The Samsung ID is SVE-2017-8286 (June 2017).
CVSS Score
7.5
EPSS Score
0.001
Published
2020-04-07
An issue was discovered on Samsung mobile devices with M(6.0) software. There is a NULL pointer exception in WifiService via adb-cmd, causing memory corruption. The Samsung ID is SVE-2017-8287 (June 2017).
CVSS Score
8.8
EPSS Score
0.0
Published
2020-04-07
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. Applications can send arbitrary premium SMS messages. The Samsung ID is SVE-2017-8701 (June 2017).
CVSS Score
7.5
EPSS Score
0.001
Published
2020-04-07