Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Samsung Subscribe
Filtered by product Galaxy Gear

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-16263 2 Linux, Samsung 2 Tizen, Galaxy Gear 2020-02-03 5.8 MEDIUM 8.8 HIGH
The PulseAudio system service in Tizen allows an unprivileged process to control its A2DP MediaEndpoint, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.
CVE-2018-16266 2 Linux, Samsung 2 Tizen, Galaxy Gear 2020-02-03 4.8 MEDIUM 8.1 HIGH
The Enlightenment system service in Tizen allows an unprivileged process to fully control or capture windows, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.
CVE-2018-16262 2 Linux, Samsung 2 Tizen, Galaxy Gear 2020-02-03 5.8 MEDIUM 8.8 HIGH
The pkgmgr system service in Tizen allows an unprivileged process to perform package management actions, due to improper D-Bus security policy configurations. Such actions include installing, decrypting, and killing other packages. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.
CVE-2018-16267 2 Linux, Samsung 2 Tizen, Galaxy Gear 2020-02-03 4.8 MEDIUM 8.1 HIGH
The system-popup system service in Tizen allows an unprivileged process to perform popup-related system actions, due to improper D-Bus security policy configurations. Such actions include the triggering system poweroff menu, and prompting a popup with arbitrary strings. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.
CVE-2018-16270 1 Samsung 20 Galaxy Gear, Galaxy Gear Firmware, Gear 2 and 17 more 2020-01-30 5.0 MEDIUM 7.5 HIGH
Samsung Galaxy Gear series before build RE2 includes the hcidump utility with no privilege or permission restriction. This allows an unprivileged process to dump Bluetooth HCI packets to an arbitrary file path.
CVE-2018-16269 1 Samsung 20 Galaxy Gear, Galaxy Gear Firmware, Gear 2 and 17 more 2020-01-30 5.0 MEDIUM 7.5 HIGH
The wnoti system service in Samsung Galaxy Gear series allows an unprivileged process to take over the internal notification message data, due to improper D-Bus security policy configurations. This affects Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.