The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date |
|---|---|---|---|
| CVE-2019-20629 | An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer over-read in gf_m2ts_process_pmt in media_tools/mpegts.c that can cause a denial of service via a crafted MP4 file. | MEDIUM | Mar 25, 2020 |
| CVE-2019-20628 | An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains a Use-After-Free vulnerability in gf_m2ts_process_pmt in media_tools/mpegts.c that can cause a denial of service via a crafted MP4 file. | MEDIUM | Mar 25, 2020 |
| CVE-2019-20627 | AutoUpdater.cs in AutoUpdater.NET before 1.5.8 allows XXE. | HIGH | Mar 25, 2020 |
| CVE-2019-20626 | The remote keyless system on Honda HR-V 2017 vehicles sends the same RF signal for each door-open request, which might allow a replay attack. | LOW | Mar 25, 2020 |
| CVE-2019-20625 | An issue was discovered on Samsung mobile devices with N(7.1) and O(8.x) (Exynos chipsets) software. The ion debugfs driver allows information disclosure. The Samsung ID is SVE-2018-13427 (February 2019). | LOW | Mar 26, 2020 |
| CVE-2019-20624 | An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. S-Voice leaks keyboard learned words via the lock screen. The Samsung ID is SVE-2018-12981 (February 2019). | MEDIUM | Mar 26, 2020 |
| CVE-2019-20623 | An issue was discovered on Samsung mobile devices with N(7.1), O(8.x), and P(9.0) software. Gallery has uninitialized memory disclosure. The Samsung ID is SVE-2018-13060 (February 2019). | LOW | Mar 26, 2020 |
| CVE-2019-20622 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. There is a baseband stack overflow. The Samsung ID is SVE-2018-13188 (February 2019). | HIGH | Mar 26, 2020 |
| CVE-2019-20621 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. There is a baseband heap overflow. The Samsung ID is SVE-2018-13187 (February 2019). | HIGH | Mar 26, 2020 |
| CVE-2019-20620 | An issue was discovered on Samsung mobile devices with P(9.0) software. The Settings application allows unauthenticated changes. The Samsung IDs are SVE-2019-13814, SVE-2019-13815 (March 2019). | MEDIUM | Mar 26, 2020 |
| CVE-2019-20619 | An issue was discovered on Samsung mobile devices with P(9.0) software. Secure Startup leaks keyboard suggested words. The Samsung ID is SVE-2019-13773 (March 2019). | MEDIUM | Mar 26, 2020 |
| CVE-2019-20618 | An issue was discovered on Samsung mobile devices with P(9.0) software. The Pin Window feature allows unauthenticated unpinning of an app. The Samsung ID is SVE-2018-13765 (March 2019). | MEDIUM | Mar 26, 2020 |
| CVE-2019-20617 | An issue was discovered on Samsung mobile devices with P(9.0) software. Secure Folder leaks preview data of recent apps. The Samsung ID is SVE-2018-13764 (March 2019). | MEDIUM | Mar 26, 2020 |
| CVE-2019-20616 | An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. Gallery leaks a thumbnail of Private Mode content. The Samsung ID is SVE-2018-13563 (March 2019). | MEDIUM | Mar 27, 2020 |
| CVE-2019-20615 | An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. Attackers can bypass Factory Reset Protection (FRP) via SVoice T&C. The Samsung ID is SVE-2018-13547 (March 2019). | LOW | Mar 27, 2020 |
| CVE-2019-20614 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. Allshare allows attackers to access sensitive information. The Samsung ID is SVE-2018-13453 (March 2019). | MEDIUM | Mar 27, 2020 |
| CVE-2019-20613 | An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. There is time-based SQL injection in Contacts. The Samsung ID is SVE-2018-13452 (March 2019). | MEDIUM | Mar 25, 2020 |
| CVE-2019-20612 | An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) (Broadcom Wi-Fi, and SEC Wi-Fi chipsets) software. Wi-Fi allows a denial of service via TCP SYN packets. The Samsung ID is SVE-2018-13162 (March 2019). | MEDIUM | Mar 27, 2020 |
| CVE-2019-20611 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), Go(8.1), P(9.0), and Go(9.0) (Exynos chipsets) software. A baseband stack overflow leads to arbitrary code execution. The Samsung ID is SVE-2019-13963 (April 2019). | HIGH | Mar 25, 2020 |
| CVE-2019-20610 | An issue was discovered on Samsung mobile devices with N(7.X) and O(8.X) (Exynos 7570, 7870, 7880, 7885, 8890, 8895, and 9810 chipsets) software. A double-fetch vulnerability in Trustlet allows arbitrary TEE code execution. The Samsung ID is SVE-2019-13910 (April 2019). | HIGH | Mar 25, 2020 |
| CVE-2019-20609 | An issue was discovered on Samsung mobile devices with P(9.0) software. Attackers can use Smartwatch to view Secure Folder notification content. The Samsung ID is SVE-2019-13899 (April 2019). | LOW | Mar 25, 2020 |
| CVE-2019-20608 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. An attacker can use Emergency mode to disable features. The Samsung IDs are SVE-2018-13164, SVE-2018-13165 (April 2019). | MEDIUM | Mar 25, 2020 |
| CVE-2019-20607 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (MSM8996, MSM8998, Exynos7420, Exynos7870, Exynos8890, and Exynos8895 chipsets) software. A heap overflow in the keymaster Trustlet allows attackers to write to TEE memory, and achieve arbitrary code execution. The Samsung ID is SVE-2019-14126 (May 2019). | HIGH | Mar 25, 2020 |
| CVE-2019-20606 | An issue was discovered on Samsung mobile devices with any (before May 2019) software. A phishing attack against OMACP can change the network and internet settings. The Samsung ID is SVE-2019-14073 (May 2019). | MEDIUM | Mar 25, 2020 |
| CVE-2019-20605 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. A heap overflow occurs for baseband in the Shannon modem. The Samsung ID is SVE-2019-14071 (May 2019). | HIGH | Mar 25, 2020 |
| CVE-2019-20604 | An issue was discovered on Samsung mobile devices with O(8.x) software. Attackers can disable Gallery permanently. The Samsung ID is SVE-2019-14031 (May 2019). | MEDIUM | Mar 25, 2020 |
| CVE-2019-20603 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.0), and P(9.0) (Qualcomm chipsets) software. The ESECOMM Trustlet has a NULL pointer dereference. The Samsung ID is SVE-2019-13950 (May 2019). | MEDIUM | Mar 26, 2020 |
| CVE-2019-20602 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.0), and P(9.0) (Qualcomm chipsets) software. The Authnr Trustlet has a NULL pointer dereference. The Samsung ID is SVE-2019-13949 (May 2019). | MEDIUM | Mar 26, 2020 |
| CVE-2019-20601 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos7570, 7580, 7870, 7880, and 8890 chipsets) software. RKP memory corruption causes an arbitrary write to protected memory. The Samsung ID is SVE-2019-13921-2 (May 2019). | MEDIUM | Mar 26, 2020 |
| CVE-2019-20600 | An issue was discovered on Samsung mobile devices with O(8.0) and P(9.0) (Exynos8890 chipsets) software. A use-after-free occurs in the MALI GPU driver. The Samsung ID is SVE-2019-13921-1 (May 2019). | LOW | Mar 26, 2020 |
| CVE-2019-20599 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. Voice Assistant mishandles the notification audibility of a secured app. The Samsung ID is SVE-2018-13326 (May 2019). | MEDIUM | Mar 26, 2020 |
| CVE-2019-20598 | An issue was discovered on Samsung mobile devices with O(8.x) software. Bixby leaks the keyboard\'s learned words, and the clipboard contents, via the lock screen. The Samsung IDs are SVE-2018-12896, SVE-2018-12897 (May 2019). | LOW | Mar 26, 2020 |
| CVE-2019-20597 | An issue was discovered on Samsung mobile devices with N(7.1), O(8.x), and P(9.0) software. SPENgesture allows arbitrary applications to read or modify user-input logs. The Samsung ID is SVE-2019-14170 (June 2019). | MEDIUM | Mar 26, 2020 |
| CVE-2019-20596 | An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) (Exynos chipsets) software. There is information disclosure in the GateKeeper Trustlet. The Samsung ID is SVE-2019-13958 (June 2019). | MEDIUM | Mar 26, 2020 |
| CVE-2019-20595 | An issue was discovered on Samsung mobile devices with P(9.0) software. Quick Panel allows enabling or disabling the Bluetooth stack without authentication. The Samsung ID is SVE-2019-14545 (July 2019). | LOW | Mar 26, 2020 |
| CVE-2019-20594 | An issue was discovered on Samsung mobile devices with O(8.1) and P(9.0) (Exynos chipsets) software. A heap overflow exists in the bootloader. The Samsung ID is SVE-2019-14371 (July 2019). | MEDIUM | Mar 26, 2020 |
| CVE-2019-20593 | An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. Gallery leaks Private Mode thumbnails. The Samsung ID is SVE-2019-14208 (July 2019). | MEDIUM | Mar 25, 2020 |
| CVE-2019-20592 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. There is local SQL injection in the Story Video Editor Content Provider. The Samsung ID is SVE-2019-14062 (July 2019). | MEDIUM | Mar 25, 2020 |
| CVE-2019-20591 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. There is local SQL injection in the Gear VR Service Content Provider. The Samsung ID is SVE-2019-14058 (July 2019). | MEDIUM | Mar 25, 2020 |
| CVE-2019-20590 | An issue was discovered on Samsung mobile devices with O(8.x) (Qualcomm chipsets) software. There is an integer underflow in the Secure Storage Trustlet. The Samsung ID is SVE-2019-13952 (July 2019). | HIGH | Mar 25, 2020 |
| CVE-2019-20589 | An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. There is type confusion in the SKPM Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14892 (August 2019). | HIGH | Mar 24, 2020 |
| CVE-2019-20588 | An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. There is type confusion in the SEM Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14891 (August 2019). | HIGH | Mar 24, 2020 |
| CVE-2019-20587 | An issue was discovered on Samsung mobile devices with O(8.1) and P(9.0) (with TEEGRIS) software. There is type confusion in the MLDAP Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14867 (August 2019). | HIGH | Mar 27, 2020 |
| CVE-2019-20586 | An issue was discovered on Samsung mobile devices with O(8.1) and P(9.0) (with TEEGRIS) software. There is type confusion in the FINGERPRINT Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14864 (August 2019). | HIGH | Mar 27, 2020 |
| CVE-2019-20585 | An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. There is type confusion in the SEC_FR Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14851 (August 2019). | HIGH | Mar 27, 2020 |
| CVE-2019-20584 | An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. There is type confusion in the HDCP Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14850 (August 2019). | HIGH | Mar 27, 2020 |
| CVE-2019-20583 | An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. There is type confusion in the EXT_FR Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14847 (August 2019). | HIGH | Mar 27, 2020 |
| CVE-2019-20582 | An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) devices (Exynos9810 chipsets) software. There is a use after free in the ion driver. The Samsung ID is SVE-2019-14837 (August 2019). | HIGH | Mar 27, 2020 |
| CVE-2019-20581 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. A stack overflow in the HDCP Trustlet causes arbitrary code execution. The Samsung ID is SVE-2019-14665 (August 2019). | HIGH | Mar 27, 2020 |
| CVE-2019-20580 | An issue was discovered on Samsung mobile devices with P(9.0) software. The Motion photo player allows attackers to bypass the Secure Folder feature to view images. The Samsung ID is SVE-2019-14653 (August 2019). | MEDIUM | Mar 24, 2020 |
