cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2018-3913,https://securityvulnerability.io/vulnerability/CVE-2018-3913,,"An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, which has a size of 32 bytes. An attacker can send an arbitrarily long ""accessKey"" value in order to exploit this vulnerability.",Samsung,Sth-eth-250 Firmware,7.5,HIGH,0.0004799999878741801,false,,false,false,false,,,false,false,,2018-09-21T15:00:00.000Z,0
CVE-2018-3893,https://securityvulnerability.io/vulnerability/CVE-2018-3893,,"An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability.",Samsung,Sth-eth-250 Firmware,9.9,CRITICAL,0.0010499999625608325,false,,false,false,false,,,false,false,,2018-08-27T15:00:00.000Z,0